General
-
Target
02e2f374592453f9f876b18edce1a0031dcabbbfba71d53975ef27d17c8e3780
-
Size
149KB
-
Sample
221127-154eqagd41
-
MD5
d5193a1b6c0330d62f6ce1222c92e121
-
SHA1
39841d086cf7981e665ca10e020d4477a2ded5ff
-
SHA256
02e2f374592453f9f876b18edce1a0031dcabbbfba71d53975ef27d17c8e3780
-
SHA512
76d791fbe73412fa0f9f5bffd938c4886a8c9a6f9a7b65136ef166c324e8c67ead3f096445547ccc531fa409b3dbe081d460bc0e453ffda6bb3505580e5b53b2
-
SSDEEP
3072:1sD7iquVhI0fyVMD8tgbDQiDFaIgSkSFWHy:2D7iquVVys8teYIgaWS
Static task
static1
Behavioral task
behavioral1
Sample
02e2f374592453f9f876b18edce1a0031dcabbbfba71d53975ef27d17c8e3780.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
02e2f374592453f9f876b18edce1a0031dcabbbfba71d53975ef27d17c8e3780.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
Target
02e2f374592453f9f876b18edce1a0031dcabbbfba71d53975ef27d17c8e3780
Score
10/10
-
NetWire RAT payload
-
Executes dropped EXE
-
Modifies Installed Components in the registry
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-