F22BF2BD431D6E2B93C8485C99537383FE4B775C70CA5[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

1

F22BF2BD43...A5.exe

windows7-x64

F22BF2BD43...A5.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

F22BF2BD431D6E2B93C8485C99537383FE4B775C70CA5.exe

Resource

win7-20221111-en

netwire botnet persistence rat stealer

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

F22BF2BD431D6E2B93C8485C99537383FE4B775C70CA5.exe

Resource

win10v2004-20221111-en

netwire botnet persistence rat stealer

windows10-2004-x64

8 signatures

150 seconds

General

Target

F22BF2BD431D6E2B93C8485C99537383FE4B775C70CA5.exe
Size

620KB
MD5

bebb241c63e3f02435250a922e4a11ea
SHA1

1677b2321633d18a997f526cb8b9b623f1993822
SHA256

f22bf2bd431d6e2b93c8485c99537383fe4b775c70ca5633ffaf702fde170b7f
SHA512

e266cea313d1d29e46644e7de31d3167919793c65b60f7c38a1e05cc80c83dd2554adeeb1462b3f9a47ddd69ecc49e9a78997a9e2768dc6a0f602f4bf0fad58e
SSDEEP

12288:gpmhvaV/QmkiLdEkKpFB1Gh7iRjACyALvuhj:Fv0/QxqzKOOYA4

Score

1^/10

Malware Config

Signatures

Files

F22BF2BD431D6E2B93C8485C99537383FE4B775C70CA5.exe
.exe windows x86

5002e9b875baf28d02e9d97d5ed6b2a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord667
ord631
ord525
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
ProcCallEngine
ord646
ord578
ord100
ord616
ord618

Sections

.text
Size: 588KB - Virtual size: 587KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy