General

  • Target

    6ed342acefa56734d0955db0915287c62e5da3b9102379adced43819331e0977

  • Size

    536KB

  • Sample

    221130-rb8ynsfg25

  • MD5

    e9e65f73b3eb81d2fb312b0e1fa4f091

  • SHA1

    ec1e33af0dcbe17c0de79f6a426a6dec1039e40b

  • SHA256

    6ed342acefa56734d0955db0915287c62e5da3b9102379adced43819331e0977

  • SHA512

    01a19c9e6e587ed40fc0e46ab85ed4a61840e017d8fb312044ccb912bb0cfc758f3cbad5b3909ddf3685dc1c80e1c9f0d071bde42cad5fcf12bb72ec4b8e82e4

  • SSDEEP

    12288:SpsHWt8M7brU105+puxiaGg6HxCXxh7z9G:SpsHU8M7s2IpeiaeYv75G

Malware Config

Targets

    • NetWire RAT payload

    • Netwire

      Netwire is a RAT whose main functionality is focused on password stealing and keylogging, but it also includes remote control capabilities.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks