General
Target: HEUR-Trojan.Win32.Pincav.gen-35aeedd98b2c9479.exe
Size: 1.3MB
Sample: 230124-2xvnaafg3y
MD5: d6bd647394753edad31e82048f050811
SHA1: 8e55cca32928171a0e2483c2cff70ec11f950f8a
SHA256: 35aeedd98b2c9479aeab20715ff3a3940095dda9336c2e7497105ceaa3a1ec0c
SHA512: 6ee1c47328e177466543fe0a032cb685aaff16f162d9b42bf5abba8ca1bbc09a72533a15fbedc566b32e81378efbc30ccaef3d55162911f2092eb0735859c2c4
SSDEEP: 24576:YfWKopnTfodNz8Zc7TWxBDZ4h0pZB5v31rIyOlIM+:28n9c+xaYp3Oy3
Static task: static1
Behavioral task: behavioral1
Sample: HEUR-Trojan.Win32.Pincav.gen-35aeedd98b2c9479.exe
Resource: win7-20220812-en
Malware Config
Extracted
netwire
www.secureupload.online:1929
activex_autorun: false
copy_executable: false
delete_original: false
host_id: HostId-MAm4sa
lock_executable: false
offline_keylogger: false
password: Manlike1234567!
registry_autorun: false
use_mutex: false
Targets
-
NetWire RAT payload
-
Blocklisted process makes network request
-