General
-
Target
3b7965955c76752c635a89d5124c15ec90a91e4469375976b860ba61e9f51b93
-
Size
141KB
-
Sample
221127-etk84shc39
-
MD5
9f3a2c39b2697ccfb4fbd3a9317c3f8b
-
SHA1
45af562894d49f33aa15316e3a975d8de13921a8
-
SHA256
3b7965955c76752c635a89d5124c15ec90a91e4469375976b860ba61e9f51b93
-
SHA512
f50efc6d91c1768a740db7e58eacc9d65d5f81fb3ea899c1533a31e3c276ae99f2fafdc9922c697e0c80ebe541bfe0265a492f5b19a9fb2fff60d9c0b4240428
-
SSDEEP
3072:7Asj8MBX8s0oXJLrJY7+Ne4tgJFvcHWK9BAMprDgkZPU8n20PjK9vNPszT:7AsBZtK7+FtgJFvc2mrDgkZPUw20Pji8
Static task
static1
Behavioral task
behavioral1
Sample
3b7965955c76752c635a89d5124c15ec90a91e4469375976b860ba61e9f51b93.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
3b7965955c76752c635a89d5124c15ec90a91e4469375976b860ba61e9f51b93.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
3b7965955c76752c635a89d5124c15ec90a91e4469375976b860ba61e9f51b93
-
Score
10/10
-
NetWire RAT payload
-
Executes dropped EXE
-
Modifies Installed Components in the registry
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-