Overview

overview

10

Static

static

10

sample1.exe

windows10-1703-x64

1

Resubmissions

29-01-2023 22:11

230129-14epzaeg76 10

29-01-2023 21:52

230129-1rh7maff81 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    sample1.exe

  • Size

    124KB

  • Sample

    230129-14epzaeg76

  • MD5

    58d875ff734debcbc265a53820729770

  • SHA1

    3fad915ff84960aa40112cc2c185d7f60abf2477

  • SHA256

    a352b6008c6e33e2e10ddaed93d51cbab38bbf2993d503a9a9ad08e1fdc7797b

  • SHA512

    d2a4e8cb470c79ba936989e6995e6e2a15688bcce85ee31443e8fd06e42675b38aa65f67fbfab0d60dd6d180bb225a44bd2ab60d963b01d2d0dc5407af181b8a

  • SSDEEP

    3072:nr/zIEyQIrPP+r4MrdN/086ibgqGWk1x:nrsEyQUPPGxFsYc

Score
10/10
netwirerat

Malware Config

Extracted

Family

netwire

C2

masonchill.jumpingcrab.com:3360

masonchill.dynamic-dns.net:3370
Attributes
  • activex_autorun

    false

  • copy_executable

    false

  • delete_original

    false

  • host_id

    HostId-%Rand%

  • keylogger_dir

    %AppData%\Logs\

  • lock_executable

    false

  • offline_keylogger

    true

  • password

    Password

  • registry_autorun

    false

  • use_mutex

    false

Targets

    • Target

      sample1.exe

    • Size

      124KB

    • MD5

      58d875ff734debcbc265a53820729770

    • SHA1

      3fad915ff84960aa40112cc2c185d7f60abf2477

    • SHA256

      a352b6008c6e33e2e10ddaed93d51cbab38bbf2993d503a9a9ad08e1fdc7797b

    • SHA512

      d2a4e8cb470c79ba936989e6995e6e2a15688bcce85ee31443e8fd06e42675b38aa65f67fbfab0d60dd6d180bb225a44bd2ab60d963b01d2d0dc5407af181b8a

    • SSDEEP

      3072:nr/zIEyQIrPP+r4MrdN/086ibgqGWk1x:nrsEyQUPPGxFsYc

    Score
    1/10
    behavioral1

MITRE ATT&CK Matrix

Tasks