General
-
Target
d73c8fe975a6697c3c61186d390c1422f802415256cba694ece4e92d65eca1f9
-
Size
4.9MB
-
Sample
230129-1tqdqafg7x
-
MD5
4e1e49d1b75491ed572f5a7e0b2e0303
-
SHA1
b84cacae02c34a23155bb562793db456e0c8bc23
-
SHA256
d73c8fe975a6697c3c61186d390c1422f802415256cba694ece4e92d65eca1f9
-
SHA512
e9e70cd057dbcffc50fb58fdc2944b3db9e68d142d7d320d07e0047917263f882dd00fe748d80b307e77af700d6b519cdf15f82e9c4155efd4b1cebab7e28559
-
SSDEEP
98304:10fY0CspGCvRZFUhsGZtWttFsJObcFksHPlJF3t2GSVZQl2P:VTCZPkhxka5t2FEgP
Malware Config
Extracted
netwire
escusemoisco.com:0990
-
activex_autorun
false
-
copy_executable
false
-
delete_original
false
-
host_id
HostId-smaaU0
-
lock_executable
false
-
offline_keylogger
false
-
password
Password123
-
registry_autorun
false
-
use_mutex
false
Targets
-
-
Target
d73c8fe975a6697c3c61186d390c1422f802415256cba694ece4e92d65eca1f9
-
Size
4.9MB
-
MD5
4e1e49d1b75491ed572f5a7e0b2e0303
-
SHA1
b84cacae02c34a23155bb562793db456e0c8bc23
-
SHA256
d73c8fe975a6697c3c61186d390c1422f802415256cba694ece4e92d65eca1f9
-
SHA512
e9e70cd057dbcffc50fb58fdc2944b3db9e68d142d7d320d07e0047917263f882dd00fe748d80b307e77af700d6b519cdf15f82e9c4155efd4b1cebab7e28559
-
SSDEEP
98304:10fY0CspGCvRZFUhsGZtWttFsJObcFksHPlJF3t2GSVZQl2P:VTCZPkhxka5t2FEgP
Score10/10-
NetWire RAT payload
-
Netwire
Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
-