General
-
Target
00356e79e7a08ebf31b17e50182868d721e250858eb143e3b31e5c4d05e8a25b
-
Size
950KB
-
Sample
221127-r1bz8saa3v
-
MD5
5e0194f52714555150f5a255b41c1f45
-
SHA1
1da2e3af983e08dbeec3931c796cc6c22d7ab67f
-
SHA256
00356e79e7a08ebf31b17e50182868d721e250858eb143e3b31e5c4d05e8a25b
-
SHA512
e2d61183e260a093d36e2c4b4a1394197790ed4622bb4c87191fb9e1ab53e548d79e8845adf275ed7faa8d89bbcf1237e909c9de1365448adadbf927f6175585
-
SSDEEP
24576:W4lavt0LkLL9IMixoEgeaqbQ9N/q9MmCS:hkwkn9IMHeaqbiaPCS
Static task
static1
Behavioral task
behavioral1
Sample
00356e79e7a08ebf31b17e50182868d721e250858eb143e3b31e5c4d05e8a25b.exe
Resource
win7-20220812-en
Malware Config
Targets
-
-
Target
00356e79e7a08ebf31b17e50182868d721e250858eb143e3b31e5c4d05e8a25b
-
Size
950KB
-
MD5
5e0194f52714555150f5a255b41c1f45
-
SHA1
1da2e3af983e08dbeec3931c796cc6c22d7ab67f
-
SHA256
00356e79e7a08ebf31b17e50182868d721e250858eb143e3b31e5c4d05e8a25b
-
SHA512
e2d61183e260a093d36e2c4b4a1394197790ed4622bb4c87191fb9e1ab53e548d79e8845adf275ed7faa8d89bbcf1237e909c9de1365448adadbf927f6175585
-
SSDEEP
24576:W4lavt0LkLL9IMixoEgeaqbQ9N/q9MmCS:hkwkn9IMHeaqbiaPCS
-
NetWire RAT payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-