General
Target: unk.exe
Size: 910KB
Sample: 230206-dn4ylabh33
MD5: c7331f4c14752e3fb6bdf174395de01b
SHA1: 097c79ecbb662e332a490b63cd2a497464afa1a2
SHA256: 63b408d9416dc9d3c2c4fc8aa11100e5c58a5faf44d210229b867f12d0ce9c02
SHA512: a236c11638434438baeb2c9ebc12ec4c1dc19dbcc9e6aac91ba487e8035a2c8c0cba8af4878c98a45983a8ed9f578a1500357611854c83fa51ac8ac6633fe11f
SSDEEP: 24576:MA3jbtIYqWkWyt5lt+8v50tFA4MLrxN5IC54TWMt:rTrqWkWktrGtFA4Wtgi
Static task: static1
Behavioral task: behavioral1
Sample: unk.exe
Resource: win7-20221111-en
Malware Config
Extracted
netwire
69.174.98.165:3369
activex_autorun: false
copy_executable: false
delete_original: false
host_id: new
lock_executable: false
offline_keylogger: false
password: cash1234
registry_autorun: false
use_mutex: false
Targets
Target: unk.exe
NetWire RAT payload
Suspicious use of SetThreadContext