General
-
Target
13cea6d656bcb5b411cb752db32350c51ce1e6794b75de96bdb20efe6ea4ceb0
-
Size
175KB
-
Sample
221127-191jmagg21
-
MD5
6aa0e97bec377f4c535c4173f6c256a7
-
SHA1
d6c4a2d49f3dbfe80a273da580b076a510a88c18
-
SHA256
13cea6d656bcb5b411cb752db32350c51ce1e6794b75de96bdb20efe6ea4ceb0
-
SHA512
ff024f1848816aa385986e6abb8040f329a9d6ceafb28db3d7ffe40e3509a82a3239c84df1c0173ac4eedc61f434da4654db60e7db3b4f714fdb3cec2722fac2
-
SSDEEP
3072:P4sye0QXZRRDmlglKsXZ19qkGDfpzfhCLGVPUuycMB:wsy7AFygweZ7v6fdhQGhU19
Static task
static1
Behavioral task
behavioral1
Sample
13cea6d656bcb5b411cb752db32350c51ce1e6794b75de96bdb20efe6ea4ceb0.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
13cea6d656bcb5b411cb752db32350c51ce1e6794b75de96bdb20efe6ea4ceb0.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
13cea6d656bcb5b411cb752db32350c51ce1e6794b75de96bdb20efe6ea4ceb0
-
Size
175KB
-
MD5
6aa0e97bec377f4c535c4173f6c256a7
-
SHA1
d6c4a2d49f3dbfe80a273da580b076a510a88c18
-
SHA256
13cea6d656bcb5b411cb752db32350c51ce1e6794b75de96bdb20efe6ea4ceb0
-
SHA512
ff024f1848816aa385986e6abb8040f329a9d6ceafb28db3d7ffe40e3509a82a3239c84df1c0173ac4eedc61f434da4654db60e7db3b4f714fdb3cec2722fac2
-
SSDEEP
3072:P4sye0QXZRRDmlglKsXZ19qkGDfpzfhCLGVPUuycMB:wsy7AFygweZ7v6fdhQGhU19
Score10/10-
NetWire RAT payload
-
Executes dropped EXE
-
Modifies Installed Components in the registry
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-