General
-
Target
71e5ace0385df41070a30932a20bd5a7
-
Size
4.5MB
-
Sample
240124-lq8zbsfcg4
-
MD5
71e5ace0385df41070a30932a20bd5a7
-
SHA1
b3768b81cfa8813f1692963ea7308a19e213819a
-
SHA256
6f248f6dd7ac467f8c9e39c7dda64825147df54cb2ae6a44e0d3c5e7530a3890
-
SHA512
78e1ba4b96849c97e42952942c7e77adcbeb1c32224e11fa22e92d3be99254f73f49279c996cebcf989f0a92e1214ed81d4eb5bd1a5175d2dc4a7130656f4692
-
SSDEEP
49152:ug91tCSWaobTj/tarIvMyHuMs/vGUAnwFM5pkFaD9DTeBppk:ug9XwP/taqMyOMBnwFM5pqaD9OBpe
Malware Config
Extracted
netwire
escusemoisco.com:0990
-
activex_autorun
false
-
copy_executable
false
-
delete_original
false
-
host_id
HostId-%Rand%
-
lock_executable
false
-
offline_keylogger
false
-
password
Password123
-
registry_autorun
false
-
use_mutex
false
Targets
-
-
Target
71e5ace0385df41070a30932a20bd5a7
-
Size
4.5MB
-
MD5
71e5ace0385df41070a30932a20bd5a7
-
SHA1
b3768b81cfa8813f1692963ea7308a19e213819a
-
SHA256
6f248f6dd7ac467f8c9e39c7dda64825147df54cb2ae6a44e0d3c5e7530a3890
-
SHA512
78e1ba4b96849c97e42952942c7e77adcbeb1c32224e11fa22e92d3be99254f73f49279c996cebcf989f0a92e1214ed81d4eb5bd1a5175d2dc4a7130656f4692
-
SSDEEP
49152:ug91tCSWaobTj/tarIvMyHuMs/vGUAnwFM5pkFaD9DTeBppk:ug9XwP/taqMyOMBnwFM5pqaD9OBpe
Score10/10-
NetWire RAT payload
-
Netwire
Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
-