General
-
Target
6353f901cdb1a791ba9e510e4362ac7d0864de44a72c8e28df10b195395ce8ef
-
Size
162KB
-
Sample
221127-am5xqaag31
-
MD5
06c5e675a928af42a54ff44311a7da4d
-
SHA1
a0b444e5887b47cc62fa6adf38f7ff4f8cfb286e
-
SHA256
6353f901cdb1a791ba9e510e4362ac7d0864de44a72c8e28df10b195395ce8ef
-
SHA512
356c8a98761ed6da6c8ca6bfcb00b506c30dca0e9576ef8d8ea5a2d67a5f96953dd0e5d7e5774895c19ef3636c1f39ff882175db80b4ab7f22e0710473040a4b
-
SSDEEP
3072:EOlM4WsbW2lvSs9qQyenKZgSAVsy4h/HMfPEXN7SXKcTFS+RRHlOHdflKb:NKgvSs9ndnpSZySM76cTk+/kFs
Static task
static1
Behavioral task
behavioral1
Sample
6353f901cdb1a791ba9e510e4362ac7d0864de44a72c8e28df10b195395ce8ef.exe
Resource
win7-20220901-en
Malware Config
Targets
-
-
Target
6353f901cdb1a791ba9e510e4362ac7d0864de44a72c8e28df10b195395ce8ef
-
Size
162KB
-
MD5
06c5e675a928af42a54ff44311a7da4d
-
SHA1
a0b444e5887b47cc62fa6adf38f7ff4f8cfb286e
-
SHA256
6353f901cdb1a791ba9e510e4362ac7d0864de44a72c8e28df10b195395ce8ef
-
SHA512
356c8a98761ed6da6c8ca6bfcb00b506c30dca0e9576ef8d8ea5a2d67a5f96953dd0e5d7e5774895c19ef3636c1f39ff882175db80b4ab7f22e0710473040a4b
-
SSDEEP
3072:EOlM4WsbW2lvSs9qQyenKZgSAVsy4h/HMfPEXN7SXKcTFS+RRHlOHdflKb:NKgvSs9ndnpSZySM76cTk+/kFs
-
NetWire RAT payload
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-