General
-
Target
842e6dc655f79aec1f9a1f7804007f079d912db14b4758ccf68c8014a4c7aa82
-
Size
136KB
-
Sample
221127-amgvwsaf9t
-
MD5
45de34860d873e77958b13f5a93a3594
-
SHA1
0a2956f89b648e796b298ed929f72cb57a6f5b04
-
SHA256
842e6dc655f79aec1f9a1f7804007f079d912db14b4758ccf68c8014a4c7aa82
-
SHA512
67d7fcc0478fe3ed819fd46772560cb3bc5c2c374225d940992098b73c5317f77084360a117f414ea8278e606ce48424e2703b091d8e21362a82ff4c9df7c237
-
SSDEEP
3072:3b0X3trVAkbdOjJjnkAMVd+MIv1Zm67eu+1Rinqhm:rotrVAeEBnkA0dJh6iuKf
Static task
static1
Behavioral task
behavioral1
Sample
842e6dc655f79aec1f9a1f7804007f079d912db14b4758ccf68c8014a4c7aa82.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
842e6dc655f79aec1f9a1f7804007f079d912db14b4758ccf68c8014a4c7aa82.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
Target
842e6dc655f79aec1f9a1f7804007f079d912db14b4758ccf68c8014a4c7aa82
Score
10/10
-
NetWire RAT payload
-
Executes dropped EXE
-
Modifies Installed Components in the registry
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-