General
-
Target
e9c7832397a4f00fc85845654e84fa9b1328b3f0e9ab68f8913a3118cb69cb85
-
Size
144KB
-
Sample
221127-vcm95sgc61
-
MD5
5b62aeb2ef7409bcac4540d68158e25d
-
SHA1
13fa0c4fd8f223385ea0a662d0eb499fce4f864a
-
SHA256
e9c7832397a4f00fc85845654e84fa9b1328b3f0e9ab68f8913a3118cb69cb85
-
SHA512
4ef6e33a7d81736addadf104603d9353ae3858312bcb65c224cf1c6076fb1b10770d697259a86e740a2cf27f7d108a3978764e9a6f47c0565da3b6d7caefc74a
-
SSDEEP
3072:NnUGRLYmgDip8NxBjmHGVX6UF2Fx24QM2/4iuBRIyQJIyjXsb5:OGRqDr70W6UFGj2AiuYhs
Malware Config
Targets
-
-
Target
e9c7832397a4f00fc85845654e84fa9b1328b3f0e9ab68f8913a3118cb69cb85
-
Size
144KB
-
MD5
5b62aeb2ef7409bcac4540d68158e25d
-
SHA1
13fa0c4fd8f223385ea0a662d0eb499fce4f864a
-
SHA256
e9c7832397a4f00fc85845654e84fa9b1328b3f0e9ab68f8913a3118cb69cb85
-
SHA512
4ef6e33a7d81736addadf104603d9353ae3858312bcb65c224cf1c6076fb1b10770d697259a86e740a2cf27f7d108a3978764e9a6f47c0565da3b6d7caefc74a
-
SSDEEP
3072:NnUGRLYmgDip8NxBjmHGVX6UF2Fx24QM2/4iuBRIyQJIyjXsb5:OGRqDr70W6UFGj2AiuYhs
Score10/10-
NetWire RAT payload
-
Netwire
Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-