netwire | 257725af298340e45ae63a2137b9b33e6cbc9ef4e50d17ce66d1c67ed7dd7dec | Triage

Submit
Reports

Overview

overview

Static

static

1

257725af29...ec.exe

windows7-x64

257725af29...ec.exe

windows10-2004-x64

Sharing

General

Target

257725af298340e45ae63a2137b9b33e6cbc9ef4e50d17ce66d1c67ed7dd7dec
Size

134KB
Sample

221128-p2mf9adg54
MD5

c1537ed56e98e1d94e45c12a1c3b1c22
SHA1

130a399f36793ba7103b90ab8f0e8fb25521206a
SHA256

257725af298340e45ae63a2137b9b33e6cbc9ef4e50d17ce66d1c67ed7dd7dec
SHA512

fadf810b40365730f01b8740d4a8222f4bc90eb04a44b8b9b2a536e809fda39ed9c7275f3cc1769cfeb4a7e2b3f61092bc5e39bde391eef8933c3a2b4e7f9be9
SSDEEP

3072:OAsj8MBX8s0oXJMqmBF36Z3xOaWgw1o2SOBgkATMa8Xna6cjTbLe:OAsBZKqmj6uyw8OBgjF83anjPS

Score

10^/10

netwire botnet rat stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

257725af298340e45ae63a2137b9b33e6cbc9ef4e50d17ce66d1c67ed7dd7dec.exe

Resource

win7-20220812-en

netwire botnet rat stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

257725af298340e45ae63a2137b9b33e6cbc9ef4e50d17ce66d1c67ed7dd7dec.exe

Resource

win10v2004-20221111-en

netwire botnet rat stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  257725af298340e45ae63a2137b9b33e6cbc9ef4e50d17ce66d1c67ed7dd7dec
- Size
  
  134KB
- MD5
  
  c1537ed56e98e1d94e45c12a1c3b1c22
- SHA1
  
  130a399f36793ba7103b90ab8f0e8fb25521206a
- SHA256
  
  257725af298340e45ae63a2137b9b33e6cbc9ef4e50d17ce66d1c67ed7dd7dec
- SHA512
  
  fadf810b40365730f01b8740d4a8222f4bc90eb04a44b8b9b2a536e809fda39ed9c7275f3cc1769cfeb4a7e2b3f61092bc5e39bde391eef8933c3a2b4e7f9be9
- SSDEEP
  
  3072:OAsj8MBX8s0oXJMqmBF36Z3xOaWgw1o2SOBgkATMa8Xna6cjTbLe:OAsBZKqmj6uyw8OBgjF83anjPS
Score

10^/10

netwire botnet rat stealer
- NetWire RAT payload
  rat
- Netwire
  Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
  botnet stealer netwire
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

netwirebotnetratstealer

behavioral2

netwirebotnetratstealer

© 2018-2024

Terms | Privacy