General
-
Target
867bbf27321e753488c2059786a7ed47b926b1f7126485aa0479b377feb2e6a2
-
Size
224KB
-
Sample
221127-e7nldsdg4t
-
MD5
dc3599f5fb156037ff60d7beb963def1
-
SHA1
a4bf6e63bf76acd4693b3134958321deef9aae36
-
SHA256
867bbf27321e753488c2059786a7ed47b926b1f7126485aa0479b377feb2e6a2
-
SHA512
b1853abe07adf6791e56dede36a3d469928970ab3553501f2d2489a99bce31a002d53cbe54fbeee2d88baf05d300de905624ddedab397dd219e01fdeedc29e9c
-
SSDEEP
6144:pAsBZEwCioIHjiFLkaQctVoCN/E4IgS8moQ87KlV08:sw7ljiVMctpmJgNmo57aV
Static task
static1
Behavioral task
behavioral1
Sample
867bbf27321e753488c2059786a7ed47b926b1f7126485aa0479b377feb2e6a2.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
867bbf27321e753488c2059786a7ed47b926b1f7126485aa0479b377feb2e6a2.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
Target
867bbf27321e753488c2059786a7ed47b926b1f7126485aa0479b377feb2e6a2
-
Score
10/10
-
NetWire RAT payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-