General
-
Target
6276bd7afc3908629d69b2313f2553595991e2b1e0dc2e3a425b370104caa3d7
-
Size
136KB
-
Sample
221127-d8akgsfh28
-
MD5
2505742ae27ef7ae5d8a86b4933d39f8
-
SHA1
adee8a16bbbc686c5809ca62701b70abf58381c6
-
SHA256
6276bd7afc3908629d69b2313f2553595991e2b1e0dc2e3a425b370104caa3d7
-
SHA512
dd986772ecf56c3b6017f95207d851ee265196b2e00ea39e7c5a8a91fce9800ba5900ebad73ef3b54b2f5c02099e126ca8386b3499cd747c77e1ac7189cf7902
-
SSDEEP
3072:nCXSB4NcMTwxerG44kSFfOaRW4J3ELpLgE:nHBLdwAkSRv
Static task
static1
Behavioral task
behavioral1
Sample
6276bd7afc3908629d69b2313f2553595991e2b1e0dc2e3a425b370104caa3d7.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
6276bd7afc3908629d69b2313f2553595991e2b1e0dc2e3a425b370104caa3d7.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
6276bd7afc3908629d69b2313f2553595991e2b1e0dc2e3a425b370104caa3d7
-
Size
136KB
-
MD5
2505742ae27ef7ae5d8a86b4933d39f8
-
SHA1
adee8a16bbbc686c5809ca62701b70abf58381c6
-
SHA256
6276bd7afc3908629d69b2313f2553595991e2b1e0dc2e3a425b370104caa3d7
-
SHA512
dd986772ecf56c3b6017f95207d851ee265196b2e00ea39e7c5a8a91fce9800ba5900ebad73ef3b54b2f5c02099e126ca8386b3499cd747c77e1ac7189cf7902
-
SSDEEP
3072:nCXSB4NcMTwxerG44kSFfOaRW4J3ELpLgE:nHBLdwAkSRv
Score10/10-
NetWire RAT payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-