netwire | e55d6c6652145fe9b7ae5cc8b9806b259f3ed2e134fb825f3bed7fa8bc25fd6c

Analysis

max time kernel
117s
max time network
119s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
26-05-2024 07:56

Target

e55d6c6652145fe9b7ae5cc8b9806b259f3ed2e134fb825f3bed7fa8bc25fd6c.exe
Size

84KB
MD5

9096907f595b85c38d86501e1e6392a1
SHA1

7a0566f02a87eb7fd4ca988fce5e6d4bc1be54ac
SHA256

e55d6c6652145fe9b7ae5cc8b9806b259f3ed2e134fb825f3bed7fa8bc25fd6c
SHA512

66d686f1f8d6cf5339d02497b67c9cb2cef64eeecc66b7cfcdd81d0a542c14ffe4fbf1e586aaddb3a74ea1f3c24313bebc9725a7de4c9eb5b1acfc50185ac1aa
SSDEEP

1536:7Lp3YvQCGQ10ismSklVI8VjCX1Isv3fA9qeRgLHsbgI+BSr1Ra:7Lp3Yvhn9VI8VjCX1I43fAwegLMTrO

Score

10^/10

Family

netwire

86t7b9br9.ddns.net:8980

Attributes

NetWire RAT payload 1 IoCs

rat

resource	yara_rule
behavioral1/memory/2320-0-0x0000000000400000-0x000000000041E000-memory.dmp	netwire

Netwire
Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
botnet stealer netwire

C:\Users\Admin\AppData\Local\Temp\e55d6c6652145fe9b7ae5cc8b9806b259f3ed2e134fb825f3bed7fa8bc25fd6c.exe
"C:\Users\Admin\AppData\Local\Temp\e55d6c6652145fe9b7ae5cc8b9806b259f3ed2e134fb825f3bed7fa8bc25fd6c.exe"
1⤵
PID:2320

memory/2320-0-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download