General
-
Target
1d7ca81448ae60ae26136cc053864e239a134e25b426c633978a3544f725c087
-
Size
172KB
-
Sample
221128-shxpnacd42
-
MD5
0e366a6d65b8917db763a30782a37f8b
-
SHA1
77e7a189f8d62a0d6e82192e8a20b89d5b1e5758
-
SHA256
1d7ca81448ae60ae26136cc053864e239a134e25b426c633978a3544f725c087
-
SHA512
8963860a819ed92dcb3e64028d82c28c0fb8e866906b7e851e3b09d75fede684de890218124e6c6bfb03a2c01b053efd0a9704af02e48a016687ffb34ba66ce6
-
SSDEEP
3072:+5WbaGDn0U8JbCOISWkC5feG0SILFdleB5xwubXcZdbM49PaBC04qPLCfjlZNoK:+21n0Uus+Kft0SILdIXvjCfjbJ
Static task
static1
Behavioral task
behavioral1
Sample
1d7ca81448ae60ae26136cc053864e239a134e25b426c633978a3544f725c087.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
1d7ca81448ae60ae26136cc053864e239a134e25b426c633978a3544f725c087.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
1d7ca81448ae60ae26136cc053864e239a134e25b426c633978a3544f725c087
Score
10/10
-
NetWire RAT payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-