General
Target
b79dae4f637d5de6f2fbbf5792ee32722855966a72f0a5cf674a1f972da5af4a
Size
156KB
Sample
221128-qdsh2aef27
MD5
c066281525814a0b9b70842dfba0a728
SHA1
0191c82db08d05a914cc6450206b92bf64270232
SHA256
b79dae4f637d5de6f2fbbf5792ee32722855966a72f0a5cf674a1f972da5af4a
SHA512
da77f2c75a4f277d15216a20578fe602be4492dde0b11bf788b3347b3d85d430b05a1a5cb85617da249fa3cb3306a4b778768c63c8cf1bd1081c89c0959a9ff9
SSDEEP
3072:oN++i8L367k7uY+5BaGNQVbls/k+HNwC4zRviN9K:ocC67lfOAQhMTHNws
Static task
static1
Behavioral task
behavioral1
Sample
b79dae4f637d5de6f2fbbf5792ee32722855966a72f0a5cf674a1f972da5af4a.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
b79dae4f637d5de6f2fbbf5792ee32722855966a72f0a5cf674a1f972da5af4a.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Target
b79dae4f637d5de6f2fbbf5792ee32722855966a72f0a5cf674a1f972da5af4a
Score
10/10
NetWire RAT payload
Modifies Installed Components in the registry
Adds Run key to start application
Suspicious use of SetThreadContext