General
-
Target
5b30c4dafd1eec3dda306ba50cbe3eea2776d1851417602f51c94308ca0c06d8
-
Size
288KB
-
Sample
221128-xpl9qahd83
-
MD5
b64e104e4311c786de0455bf83677263
-
SHA1
7782ea628b522c987be35eaf0a65151304260f3e
-
SHA256
5b30c4dafd1eec3dda306ba50cbe3eea2776d1851417602f51c94308ca0c06d8
-
SHA512
2bb1cb4ff4127ea1dc4739e7ea8e52049a1659ceb94638d98f87a9804b47f50a403ff5a641549cac7a4a5eea895f1e14d77d2161e37deae16e0e0380e8e29657
-
SSDEEP
6144:8akMy0hZLDtnu+B1GeKwrF+zX+8PSj8EqLLKfKYEp:88VhZoLe7MzRSI/Kf
Static task
static1
Behavioral task
behavioral1
Sample
5b30c4dafd1eec3dda306ba50cbe3eea2776d1851417602f51c94308ca0c06d8.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
5b30c4dafd1eec3dda306ba50cbe3eea2776d1851417602f51c94308ca0c06d8.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
5b30c4dafd1eec3dda306ba50cbe3eea2776d1851417602f51c94308ca0c06d8
-
Size
288KB
-
MD5
b64e104e4311c786de0455bf83677263
-
SHA1
7782ea628b522c987be35eaf0a65151304260f3e
-
SHA256
5b30c4dafd1eec3dda306ba50cbe3eea2776d1851417602f51c94308ca0c06d8
-
SHA512
2bb1cb4ff4127ea1dc4739e7ea8e52049a1659ceb94638d98f87a9804b47f50a403ff5a641549cac7a4a5eea895f1e14d77d2161e37deae16e0e0380e8e29657
-
SSDEEP
6144:8akMy0hZLDtnu+B1GeKwrF+zX+8PSj8EqLLKfKYEp:88VhZoLe7MzRSI/Kf
Score10/10-
NetWire RAT payload
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-