General
-
Target
Keygen.exe
-
Size
2.6MB
-
Sample
231220-bxm1bseedr
-
MD5
7bd1a0c5c77c2119c63f1e0c1bc70b00
-
SHA1
91bb94db9e0bc3d65ceba77e4eb01c99bd4ced61
-
SHA256
e26a4346b2d54653635cdfa35954369eabc8947b055b022a7e8e28b9bd692217
-
SHA512
dde4a77a4039580f6ea6eca5a559b61b12a8f21fc5801415aafa814c8f269474ea9199da7584e907c5a849f3c7b8af3c021051eae384355ab92321eeb8196a62
-
SSDEEP
49152:qw80cTsjkWaRlMpH+sKZoqDjJJV97uDSa2GWL5qFyyQpp+Bmz0gVy:P8sjkBlc0fDjJR7qSaKqFyyQpp5z0g
Static task
static1
Malware Config
Extracted
-
Family
netwire
-
C2
qayshaija.ddns.net:1515
-
activex_autorun
false
-
copy_executable
false
-
delete_original
false
-
host_id
HostId-%Rand%
-
keylogger_dir
%AppData%\Logs\
-
lock_executable
false
-
offline_keylogger
true
-
password
Password
-
registry_autorun
false
-
use_mutex
false
Targets
-
-
Target
Keygen.exe
-
Size
2.6MB
-
MD5
7bd1a0c5c77c2119c63f1e0c1bc70b00
-
SHA1
91bb94db9e0bc3d65ceba77e4eb01c99bd4ced61
-
SHA256
e26a4346b2d54653635cdfa35954369eabc8947b055b022a7e8e28b9bd692217
-
SHA512
dde4a77a4039580f6ea6eca5a559b61b12a8f21fc5801415aafa814c8f269474ea9199da7584e907c5a849f3c7b8af3c021051eae384355ab92321eeb8196a62
-
SSDEEP
49152:qw80cTsjkWaRlMpH+sKZoqDjJJV97uDSa2GWL5qFyyQpp+Bmz0gVy:P8sjkBlc0fDjJR7qSaKqFyyQpp5z0g
-
NetWire RAT payload
-