Analysis
-
max time kernel
140s -
max time network
138s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
07-07-2024 11:54
General
-
Target
cde1062d7bacd1795c61dae09435a2affc75e9f5f7f0eeae581f687130af46fb.exe
-
Size
84KB
-
MD5
64c2af0bd91c8ac12cec3a3978cf191f
-
SHA1
6b988fd4f98e67e8be9359b5f3c9ea33fb470173
-
SHA256
cde1062d7bacd1795c61dae09435a2affc75e9f5f7f0eeae581f687130af46fb
-
SHA512
4725787862d05c0e9632caf7c8c6e6dfdfd75e8e2a11f5a7c9724ccfbe47689674a5e92e31e29f6f864a1d03f7fbe0dd2ac0a91183ba3866b0c6097510ecf220
-
SSDEEP
1536:Jr/zIEc9uQ1q1vD9qrPP+r4MrdN/F+Xs6ibNqiRGWkxuAdDWTF:Jr/zIEyQIrPP+r4MrdN/086ibgqGWk0x
Score
10/10
Malware Config
Extracted
Family
netwire
C2
abi.asu.su:2525
Attributes
-
activex_autorun
false
-
copy_executable
false
-
delete_original
false
-
host_id
abi
-
lock_executable
false
-
offline_keylogger
false
-
password
Somma2009
-
registry_autorun
false
-
use_mutex
false
Signatures
-
NetWire RAT payload 1 IoCs
-
Netwire
Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
Processes
-
C:\Users\Admin\AppData\Local\Temp\cde1062d7bacd1795c61dae09435a2affc75e9f5f7f0eeae581f687130af46fb.exe"C:\Users\Admin\AppData\Local\Temp\cde1062d7bacd1795c61dae09435a2affc75e9f5f7f0eeae581f687130af46fb.exe"1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
120KB