General
-
Target
8d74453079ccde24cfa1ffd5b6524d568362b6df211a5fb0f9fd8a9a0f379654
-
Size
422KB
-
Sample
221126-t1425abg6z
-
MD5
e6628f83f72ca99eea237c34a99dabac
-
SHA1
9d9754b3a4e912944f688d4627e942608dfcb613
-
SHA256
8d74453079ccde24cfa1ffd5b6524d568362b6df211a5fb0f9fd8a9a0f379654
-
SHA512
92cfb0950e9d246c7af9b73280c39bbc6ce224fcacf91ef0a3ac8435c2269caa691c48bf7ce64cae2b1feacc0025f9608ed8e3574a8ff98bbe7f3de0d937d181
-
SSDEEP
6144:FnSClxLCbLhPJgPiIFr61pqJClxLCbLhPJgPi8oWK3DuW3pDzsQJXloSQ:FnSWRCROiQ6HqJWRCROi9Pzu0ds8XeS
Malware Config
Targets
-
-
Target
8d74453079ccde24cfa1ffd5b6524d568362b6df211a5fb0f9fd8a9a0f379654
-
Size
422KB
-
MD5
e6628f83f72ca99eea237c34a99dabac
-
SHA1
9d9754b3a4e912944f688d4627e942608dfcb613
-
SHA256
8d74453079ccde24cfa1ffd5b6524d568362b6df211a5fb0f9fd8a9a0f379654
-
SHA512
92cfb0950e9d246c7af9b73280c39bbc6ce224fcacf91ef0a3ac8435c2269caa691c48bf7ce64cae2b1feacc0025f9608ed8e3574a8ff98bbe7f3de0d937d181
-
SSDEEP
6144:FnSClxLCbLhPJgPiIFr61pqJClxLCbLhPJgPi8oWK3DuW3pDzsQJXloSQ:FnSWRCROiQ6HqJWRCROi9Pzu0ds8XeS
Score10/10-
NetWire RAT payload
-
Netwire
Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-