General
-
Target
98b0ceb542b0c198d9cbafc46bf7d0c7f8b4b0a418a4bb8b336787d54c7b34fd
-
Size
932KB
-
Sample
221127-v5tbvsae2z
-
MD5
5bdbd0d69c232c6aa19fed358cb1df55
-
SHA1
049c2fa22106d59d2c7ecfab81590f184dc8c7e2
-
SHA256
98b0ceb542b0c198d9cbafc46bf7d0c7f8b4b0a418a4bb8b336787d54c7b34fd
-
SHA512
9da915e5369f731f62b16a9d1b63592faf024e250c32be0aa07b45e3a1a1abd0e5bb9ee9825f67dfa2d10326be99cdfa2a9f1cd505fa964bcd7732d16e3dcabc
-
SSDEEP
12288:Qtb20Qc3lT7af41ePBRYuQLKpqeUhbTv5OFgNuPPpHSga+lJ1JJ6A:Qtb20pkaCqT5TBWgNQ7aIFJ6A
Static task
static1
Behavioral task
behavioral1
Sample
98b0ceb542b0c198d9cbafc46bf7d0c7f8b4b0a418a4bb8b336787d54c7b34fd.exe
Resource
win7-20221111-en
Malware Config
Targets
-
-
Target
98b0ceb542b0c198d9cbafc46bf7d0c7f8b4b0a418a4bb8b336787d54c7b34fd
-
NetWire RAT payload
-
Executes dropped EXE
-
Loads dropped DLL
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-