Overview

overview

10

Static

static

10

1468-69-0x...ry.exe

windows7-x64

1

1468-69-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1468-69-0x0000000000400000-0x0000000000433000-memory.dmp

  • Size

    204KB

  • Sample

    230128-y5nyxshf5t

  • MD5

    65468b580b1ada993446056aa4ff50ea

  • SHA1

    1c843008fc6bf88ac9e9ce5764e2b609238d126c

  • SHA256

    cee8d48ff4cdae8fd8036d2b3c6807ca97f61a503e391a5c1d87e3d701785155

  • SHA512

    35462ed9885b03c949a4509678c7acb85b4ad63d83ccf89b2b7a0af22f9e5f7385196b43c93f3ec340151dabff3e91b19285b022504faae5971cc634a4dee15d

  • SSDEEP

    3072:S3bwUUCZjY/UURTbaiceGUlzFr0qOnZEcsx8VLJdYMSMqqD:S3kUjJY/fRT+iceGUlzFruZdJdzxqqD

Score
10/10
netwirerat

Malware Config

Extracted

Family

netwire

C2

212.193.30.230:3363

Attributes
  • activex_autorun

    false

  • copy_executable

    false

  • delete_original

    false

  • host_id

    HostId-%Rand%

  • keylogger_dir

    %AppData%\Logs\

  • lock_executable

    false

  • offline_keylogger

    true

  • password

    Password@2

  • registry_autorun

    false

  • use_mutex

    false

Targets

    • Target

      1468-69-0x0000000000400000-0x0000000000433000-memory.dmp

    • Size

      204KB

    • MD5

      65468b580b1ada993446056aa4ff50ea

    • SHA1

      1c843008fc6bf88ac9e9ce5764e2b609238d126c

    • SHA256

      cee8d48ff4cdae8fd8036d2b3c6807ca97f61a503e391a5c1d87e3d701785155

    • SHA512

      35462ed9885b03c949a4509678c7acb85b4ad63d83ccf89b2b7a0af22f9e5f7385196b43c93f3ec340151dabff3e91b19285b022504faae5971cc634a4dee15d

    • SSDEEP

      3072:S3bwUUCZjY/UURTbaiceGUlzFr0qOnZEcsx8VLJdYMSMqqD:S3kUjJY/fRT+iceGUlzFruZdJdzxqqD

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks