General
-
Target
d12471afe134cfaecadc6df2a7de16f54a9b0515f8d127ec44d650b90ea069fc
-
Size
5.5MB
-
Sample
230129-1trlsaed42
-
MD5
7fe40fa40f7c5f09f57107f389f6391e
-
SHA1
3e38eda6e167b9e51681d7ada88fab51bee282e7
-
SHA256
d12471afe134cfaecadc6df2a7de16f54a9b0515f8d127ec44d650b90ea069fc
-
SHA512
8792ab1c60cb51a1c445951e731aebb77100f06cadddfcc678be18b045d40cd52b51bebb9399b0ee33fb67e41e73919f33706e6017900a1c636d57b73a5b38e1
-
SSDEEP
49152:r46RlYSOQmRN8f7zTwB902KXHsQnVedoRl69dz5FfV+mT9FhZrQ8YZaq:r4kz03024efFkEhi8a9
Malware Config
Extracted
netwire
www.secureupload.online:1929
-
activex_autorun
false
-
copy_executable
false
-
delete_original
false
-
host_id
HostId-eqOyw8
-
lock_executable
false
-
offline_keylogger
false
-
password
Manlike1234567!
-
registry_autorun
false
-
use_mutex
false
Targets
-
-
Target
d12471afe134cfaecadc6df2a7de16f54a9b0515f8d127ec44d650b90ea069fc
-
Size
5.5MB
-
MD5
7fe40fa40f7c5f09f57107f389f6391e
-
SHA1
3e38eda6e167b9e51681d7ada88fab51bee282e7
-
SHA256
d12471afe134cfaecadc6df2a7de16f54a9b0515f8d127ec44d650b90ea069fc
-
SHA512
8792ab1c60cb51a1c445951e731aebb77100f06cadddfcc678be18b045d40cd52b51bebb9399b0ee33fb67e41e73919f33706e6017900a1c636d57b73a5b38e1
-
SSDEEP
49152:r46RlYSOQmRN8f7zTwB902KXHsQnVedoRl69dz5FfV+mT9FhZrQ8YZaq:r4kz03024efFkEhi8a9
Score10/10-
NetWire RAT payload
-
Netwire
Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
-
Blocklisted process makes network request
-