netwire | 87ea2dbafe7338c46b8ff3e83d14e03bfcd8cb71a0b29b54dfd8a8691ffa2329 | Triage

Submit
Reports

Overview

overview

Static

static

3

87ea2dbafe...29.exe

windows7-x64

87ea2dbafe...29.exe

windows10-2004-x64

3

Sharing

General

Target

87ea2dbafe7338c46b8ff3e83d14e03bfcd8cb71a0b29b54dfd8a8691ffa2329
Size

628KB
Sample

240410-pkfblsaf4v
MD5

afe6d7985388013e32ae388a29600ae2
SHA1

f8082260e1591b439fdaf2ccfe3c80ccfe9d8ea6
SHA256

87ea2dbafe7338c46b8ff3e83d14e03bfcd8cb71a0b29b54dfd8a8691ffa2329
SHA512

98b7d345a39c755c16ff17f167de868d7b5ab9acba40f9bb9afe34056698809a5591924c9197689fb05062ed8ea68d61a91404c8e879bad4d24e5bb544782c1c
SSDEEP

6144:9qqDLuK1hG/uo0luLBjUX3DPg5trMON1JIIAFwp1I40zL75grM5IEu7h95Pp3qI:AqnuKTo0YSXbg5twsoEa375Z5VgfP

Score

10^/10

netwire botnet rat stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

87ea2dbafe7338c46b8ff3e83d14e03bfcd8cb71a0b29b54dfd8a8691ffa2329.exe

Resource

win7-20240221-en

netwire botnet rat stealer

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

87ea2dbafe7338c46b8ff3e83d14e03bfcd8cb71a0b29b54dfd8a8691ffa2329.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

netwire

C2

atlaswebportal.zapto.org:4000

Attributes

activex_autorun
false
copy_executable
false
delete_original
false
host_id
R4_UPD_24.10.16
keylogger_dir
C:\NVIDIA\profile\
lock_executable
false
offline_keylogger
true
password
Micr0s0ft4456877
registry_autorun
false
use_mutex
false

Targets

- Target
  
  87ea2dbafe7338c46b8ff3e83d14e03bfcd8cb71a0b29b54dfd8a8691ffa2329
- Size
  
  628KB
- MD5
  
  afe6d7985388013e32ae388a29600ae2
- SHA1
  
  f8082260e1591b439fdaf2ccfe3c80ccfe9d8ea6
- SHA256
  
  87ea2dbafe7338c46b8ff3e83d14e03bfcd8cb71a0b29b54dfd8a8691ffa2329
- SHA512
  
  98b7d345a39c755c16ff17f167de868d7b5ab9acba40f9bb9afe34056698809a5591924c9197689fb05062ed8ea68d61a91404c8e879bad4d24e5bb544782c1c
- SSDEEP
  
  6144:9qqDLuK1hG/uo0luLBjUX3DPg5trMON1JIIAFwp1I40zL75grM5IEu7h95Pp3qI:AqnuKTo0YSXbg5twsoEa375Z5VgfP
Score

10^/10

netwire botnet rat stealer
- NetWire RAT payload
  rat
- Netwire
  Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
  botnet stealer netwire
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

netwirebotnetratstealer

behavioral2

© 2018-2025

Terms | Privacy