netwire | 50ac9c4758461788ec7d8ac28660f8ca1c525b8c72f1575c62ac79d66be97bb2 | Triage

Sharing

General

Target

1620-145-0x0000000000400000-0x0000000000450000-memory.dmp
Size

320KB
Sample

221208-s6jspsad67
MD5

f63942e9ee0ced3570e3ea35fa58d3a8
SHA1

a2faf13354bb8f71e7bc4a793beaa885086c08a7
SHA256

50ac9c4758461788ec7d8ac28660f8ca1c525b8c72f1575c62ac79d66be97bb2
SHA512

242f998c15eba824f0f41bcf6e20422cea2500f82e9ed5b4b6ee15045ce7532f3c61962b3167e6545456c5cb8b5e3f5fd351dd7f6812e874f181e70496908fab
SSDEEP

6144:ebhnot4+sbOAtbkfHLDiT6OzR8Q0l+/NyqRKbhoXqqD8XA8B:elnot4+UwLDiT6OzR8llAgqWB

Score

10^/10

netwire rat

Malware Config

Extracted

Family

netwire

C2

podzeye2.duckdns.org:4433

Attributes

activex_autorun
false
copy_executable
false
delete_original
false
host_id
HostId-%Rand%
lock_executable
false
offline_keylogger
false
password
Password
registry_autorun
false
use_mutex
false

Targets

- Target
  
  1620-145-0x0000000000400000-0x0000000000450000-memory.dmp
- Size
  
  320KB
- MD5
  
  f63942e9ee0ced3570e3ea35fa58d3a8
- SHA1
  
  a2faf13354bb8f71e7bc4a793beaa885086c08a7
- SHA256
  
  50ac9c4758461788ec7d8ac28660f8ca1c525b8c72f1575c62ac79d66be97bb2
- SHA512
  
  242f998c15eba824f0f41bcf6e20422cea2500f82e9ed5b4b6ee15045ce7532f3c61962b3167e6545456c5cb8b5e3f5fd351dd7f6812e874f181e70496908fab
- SSDEEP
  
  6144:ebhnot4+sbOAtbkfHLDiT6OzR8Q0l+/NyqRKbhoXqqD8XA8B:elnot4+UwLDiT6OzR8llAgqWB
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2