Extracted

• • Target

    5ddc4cf0dad4b869b441a26e67444b73_JaffaCakes118

  • Size

    338KB

  • MD5

    5ddc4cf0dad4b869b441a26e67444b73

  • SHA1

    5cba29927759776c9f1a7b10d5fec27c863035e3

  • SHA256

    839a5b4bc0c1e8d395e5b179a9e09dcbe9fb11d303595a1ade543c9873601312

  • SHA512

    cad6d15988b8b3c1921e6eab951812c4ed74f2956cdfaf666ccff9b35ddb34ed5d79fad9c49bfbaef09f87296861bedbc0f57be4f2d2a13937998c0b8a81f232

  • SSDEEP

    6144:DrMD6jcT15zUAVp4AE33eBQ4suHaxZ29eBRdN:3UgcTn5Vp4AxlQjBj

  Score

  10^/10

  netwirebotnetdiscoveryratstealer

  • NetWire RAT payload

    rat

  • Netwire

    Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.

    botnetstealernetwire

  • Drops startup file

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral2