General
Target: bc4dc46d7a7cd8693d04d5d78c91f584d03186bcd5246c5cd0dd546a13011d02
Size: 194KB
Sample: 221127-fkb5hsba83
MD5: 3ec662d3e6a70da2a026951a987e4425
SHA1: 37fa066e35cdbeae7fb2ef13529097b971773725
SHA256: bc4dc46d7a7cd8693d04d5d78c91f584d03186bcd5246c5cd0dd546a13011d02
SHA512: 6e9b5e74aa8e569a2d30ae15f00131d37bdfc97ebf5dc78fca59e83f9188381f0b122fe462d7808bbcb7c2796b83a5bbb4691fcf2d46692d50a5782f452888e3
SSDEEP: 6144:r9Xuji6hAheEsKL0PUmXruVSGGfFu3FZu:VreEpgGSIg
Static task: static1
Behavioral task: behavioral1
Sample: bc4dc46d7a7cd8693d04d5d78c91f584d03186bcd5246c5cd0dd546a13011d02.exe
Resource: win7-20220812-en
Malware Config
Targets
NetWire RAT payload
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Adds Run key to start application