General
-
Target
97888311b4bde5d9acef061c74ff13890f41bdffc3545d98d9e9622ed5de8a9d
-
Size
650KB
-
Sample
221127-gpmx9ahd5z
-
MD5
c7f61aa39f1928fa3fd713907bd93881
-
SHA1
7ace5812622d9a8aa07173a0b4729b76e0d919a1
-
SHA256
97888311b4bde5d9acef061c74ff13890f41bdffc3545d98d9e9622ed5de8a9d
-
SHA512
2514f6090d45aec9fd13fa68b677344e8335cd7524e71e88fbb3e00667382dc3efd83159c8eabf3f13aff97bf3d3433bbe19d953b881785a9cd7901574a7b1b6
-
SSDEEP
6144:PQB8IJTNH5/Fbdr05bW4Y1s43AfVQgvyAk/vTvUxfOc05aW1pKM:PQB8IJTNZ/FbdI5bLDfpk2On5H
Malware Config
Targets
-
-
Target
97888311b4bde5d9acef061c74ff13890f41bdffc3545d98d9e9622ed5de8a9d
-
Size
650KB
-
MD5
c7f61aa39f1928fa3fd713907bd93881
-
SHA1
7ace5812622d9a8aa07173a0b4729b76e0d919a1
-
SHA256
97888311b4bde5d9acef061c74ff13890f41bdffc3545d98d9e9622ed5de8a9d
-
SHA512
2514f6090d45aec9fd13fa68b677344e8335cd7524e71e88fbb3e00667382dc3efd83159c8eabf3f13aff97bf3d3433bbe19d953b881785a9cd7901574a7b1b6
-
SSDEEP
6144:PQB8IJTNH5/Fbdr05bW4Y1s43AfVQgvyAk/vTvUxfOc05aW1pKM:PQB8IJTNZ/FbdI5bLDfpk2On5H
Score10/10-
NetWire RAT payload
-
Netwire
Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
-
Executes dropped EXE
-
Modifies Installed Components in the registry
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Adds Run key to start application
-