Overview

overview

10

Static

static

10

1548-69-0x...ry.exe

windows7-x64

1548-69-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1548-69-0x0000000000310000-0x00000000008FA000-memory.dmp

  • Size

    5.9MB

  • Sample

    221209-f2bv3scd65

  • MD5

    f3ab5e9c66675148895259b48a2fa413

  • SHA1

    f39543ceb0eac1b9e28b20325d8f279d2c655411

  • SHA256

    2b327bb028f54c12f57b0bc61f5f8483df25faf0d537a370cca38f15f6be731e

  • SHA512

    f322c2eb567eefbfe8410468bde648e9ff5f72df2890120b9be65106d7a1d27e61132e719776fb1672a33a4e53316bc614bc69a6adb05f2e2f30a0801f937815

  • SSDEEP

    6144:nI+VqIFsFInJmkCjC4v3YyZlDK9Uzk+EB+nXoflqqDGyo8B:nlVqIFu1v3YyZlDK9U0GqDB

Score
10/10
netwirerat

Malware Config

Extracted

Family

netwire

C2

podzeye2.duckdns.org:4433

Attributes
  • activex_autorun

    false

  • copy_executable

    false

  • delete_original

    false

  • host_id

    HostId-%Rand%

  • lock_executable

    false

  • offline_keylogger

    false

  • password

    Password

  • registry_autorun

    false

  • use_mutex

    false

Targets

    • Target

      1548-69-0x0000000000310000-0x00000000008FA000-memory.dmp

    • Size

      5.9MB

    • MD5

      f3ab5e9c66675148895259b48a2fa413

    • SHA1

      f39543ceb0eac1b9e28b20325d8f279d2c655411

    • SHA256

      2b327bb028f54c12f57b0bc61f5f8483df25faf0d537a370cca38f15f6be731e

    • SHA512

      f322c2eb567eefbfe8410468bde648e9ff5f72df2890120b9be65106d7a1d27e61132e719776fb1672a33a4e53316bc614bc69a6adb05f2e2f30a0801f937815

    • SSDEEP

      6144:nI+VqIFsFInJmkCjC4v3YyZlDK9Uzk+EB+nXoflqqDGyo8B:nlVqIFu1v3YyZlDK9U0GqDB

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks