netwire | e55d6c6652145fe9b7ae5cc8b9806b259f3ed2e134fb825f3bed7fa8bc25fd6c

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
27-05-2024 01:18

Target

e55d6c6652145fe9b7ae5cc8b9806b259f3ed2e134fb825f3bed7fa8bc25fd6c.exe
Size

84KB
MD5

9096907f595b85c38d86501e1e6392a1
SHA1

7a0566f02a87eb7fd4ca988fce5e6d4bc1be54ac
SHA256

e55d6c6652145fe9b7ae5cc8b9806b259f3ed2e134fb825f3bed7fa8bc25fd6c
SHA512

66d686f1f8d6cf5339d02497b67c9cb2cef64eeecc66b7cfcdd81d0a542c14ffe4fbf1e586aaddb3a74ea1f3c24313bebc9725a7de4c9eb5b1acfc50185ac1aa
SSDEEP

1536:7Lp3YvQCGQ10ismSklVI8VjCX1Isv3fA9qeRgLHsbgI+BSr1Ra:7Lp3Yvhn9VI8VjCX1I43fAwegLMTrO

Score

10^/10

Family

netwire

86t7b9br9.ddns.net:8980

Attributes

NetWire RAT payload 1 IoCs

rat

resource	yara_rule
behavioral1/memory/2180-0-0x0000000000400000-0x000000000041E000-memory.dmp	netwire

Netwire
Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
botnet stealer netwire

Detects binaries (Windows and macOS) referencing many web browsers. Observed in information stealers. 1 IoCs

resource	yara_rule
behavioral1/memory/2180-0-0x0000000000400000-0x000000000041E000-memory.dmp	INDICATOR_SUSPICIOUS_Binary_References_Browsers

C:\Users\Admin\AppData\Local\Temp\e55d6c6652145fe9b7ae5cc8b9806b259f3ed2e134fb825f3bed7fa8bc25fd6c.exe
"C:\Users\Admin\AppData\Local\Temp\e55d6c6652145fe9b7ae5cc8b9806b259f3ed2e134fb825f3bed7fa8bc25fd6c.exe"
1⤵
PID:2180

memory/2180-0-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download