General
Target: 984071c0054069029075b43afe125cd12bc3f9f70e384ca023cf70ea76a326d7.zip
Size: 4.8MB
Sample: 230420-khf3xagf35
MD5: c4a4b66d56c0febcde599bbd8acaf90b
SHA1: bcd75d096348828096eb2ce1ce87285762f46d0f
SHA256: 8360f1e7b38051f681cd1b492a5562eef992a6c563b3e40cbd282f84c4f7381f
SHA512: df9ea9c74376b6219c535b1e90785a7c9417777a86ae95638bc91e067f14c748126af4e92f04d84cf589985ef7aeeb5c447558355a392c9a789dfb3367fd5e08
SSDEEP: 98304:zlqA41iEIX0rQMEzR/2WZSBChV5ChLgkTpgtNEAluSEmnKuf:zL4Y9XqQNzcWAs20lpKuf

Behavioral task: behavioral1
Sample: 984071c0054069029075b43afe125cd12bc3f9f70e384ca023cf70ea76a326d7.exe
Resource: win7-20230220-en

Malware Config
Extracted
netwire
s2awscloudupdates.com:8081
activex_autorun: false
copy_executable: false
delete_original: false
host_id: HostId-%Rand%
lock_executable: false
offline_keylogger: false
password: happy666
registry_autorun: false
use_mutex: false

Targets
Target: 984071c0054069029075b43afe125cd12bc3f9f70e384ca023cf70ea76a326d7
Size: 9.1MB
MD5: d037a430034a3d80c1ab9573c8c0b5a3
SHA1: abfc45d543920e955b9016dbc2e461ff862a5c7f
SHA256: 984071c0054069029075b43afe125cd12bc3f9f70e384ca023cf70ea76a326d7
SHA512: 806a41f2ce4821e507ae615a5e501128a6854e3468369010f67a3f70a65bfef18c5c473f6347ecccf997d5d0b2ccce86018fcb2740296718ccda5ba6da0f230b
SSDEEP: 196608:y10ZfU3tLT+MeZQ1DTXP2NJEIYJ91TmKmt5p:ymZfU3AZQ1TXwEIYFTnmt
NetWire RAT payload