Overview

overview

10

Static

static

10

1252-68-0x...ry.exe

windows7-x64

1252-68-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1252-68-0x00000000002C0000-0x00000000008AC000-memory.dmp

  • Size

    5.9MB

  • Sample

    221209-n2t1naga3w

  • MD5

    77890bcd6ffe5d020139d4aa280666f2

  • SHA1

    0526f25670e26ad093df2ed7e17f29c896193d42

  • SHA256

    b1455e0bfd077468a669d8bed9e0cb78e03d8d641640f0242d53dda1caee6a71

  • SHA512

    f395f60d7dfdfd44f19ba23df09612ae4de066abe3e9ec855e5df82a003b5a0c0272c3b549c1eac8733067b68c14ac329a5e2c4a2a6f96dcf1548de239b272da

  • SSDEEP

    6144:qnds35YSsDOUJtXkTH7q/SqLhkxc65arR6GQLhoHqqDEbB8B:qdspYS8U7q/SqLhkl5IIq3B

Score
10/10
netwirerat

Malware Config

Extracted

Family

netwire

C2

reportss.duckdns.org:4411

Attributes
  • activex_autorun

    false

  • copy_executable

    false

  • delete_original

    false

  • host_id

    HostId-%Rand%

  • lock_executable

    false

  • offline_keylogger

    false

  • password

    Password

  • registry_autorun

    false

  • use_mutex

    false

Targets

    • Target

      1252-68-0x00000000002C0000-0x00000000008AC000-memory.dmp

    • Size

      5.9MB

    • MD5

      77890bcd6ffe5d020139d4aa280666f2

    • SHA1

      0526f25670e26ad093df2ed7e17f29c896193d42

    • SHA256

      b1455e0bfd077468a669d8bed9e0cb78e03d8d641640f0242d53dda1caee6a71

    • SHA512

      f395f60d7dfdfd44f19ba23df09612ae4de066abe3e9ec855e5df82a003b5a0c0272c3b549c1eac8733067b68c14ac329a5e2c4a2a6f96dcf1548de239b272da

    • SSDEEP

      6144:qnds35YSsDOUJtXkTH7q/SqLhkxc65arR6GQLhoHqqDEbB8B:qdspYS8U7q/SqLhkl5IIq3B

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks