General
-
Target
baf168f95f37380c22bc1e385e73fdae7ac384381a0586084dbf94d8f639063d
-
Size
160KB
-
Sample
221128-v2m1nscd25
-
MD5
353e2f067d91a418c1e33a0c6fc438ab
-
SHA1
1fafad6f29fe51416f05f2644742d10ebfae86e2
-
SHA256
baf168f95f37380c22bc1e385e73fdae7ac384381a0586084dbf94d8f639063d
-
SHA512
4895ac68a8bbdb699b11f5bfa771a65d651d36e1b03813af0747660187fd10964bd44df5db0a663f344270b20c9c046525222f80195c99b79f591da2058ed337
-
SSDEEP
3072:HQl1XQB8Dl2v90PgQLVBpPXGVc8R3dB88BoyRs9oFTecls6QmSTq2JpEu:w1XQB8xVXGVc87tZMcls6QmS9k
Static task
static1
Behavioral task
behavioral1
Sample
baf168f95f37380c22bc1e385e73fdae7ac384381a0586084dbf94d8f639063d.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
baf168f95f37380c22bc1e385e73fdae7ac384381a0586084dbf94d8f639063d.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
baf168f95f37380c22bc1e385e73fdae7ac384381a0586084dbf94d8f639063d
-
Size
160KB
-
MD5
353e2f067d91a418c1e33a0c6fc438ab
-
SHA1
1fafad6f29fe51416f05f2644742d10ebfae86e2
-
SHA256
baf168f95f37380c22bc1e385e73fdae7ac384381a0586084dbf94d8f639063d
-
SHA512
4895ac68a8bbdb699b11f5bfa771a65d651d36e1b03813af0747660187fd10964bd44df5db0a663f344270b20c9c046525222f80195c99b79f591da2058ed337
-
SSDEEP
3072:HQl1XQB8Dl2v90PgQLVBpPXGVc8R3dB88BoyRs9oFTecls6QmSTq2JpEu:w1XQB8xVXGVc87tZMcls6QmS9k
Score10/10-
NetWire RAT payload
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-