General
-
Target
JaffaCakes118_3f8a789c0d925b9b1bcc7c78b102e5d4
-
Size
3.1MB
-
Sample
250106-21nddatqak
-
MD5
3f8a789c0d925b9b1bcc7c78b102e5d4
-
SHA1
eb802c85a806b822eb38534eade7fb18210763b1
-
SHA256
d58c16e4868f16de1d929675aa5742feaca7c416ca89968c5e538cb92d3764ff
-
SHA512
cf39246c16b7cbec9968be029e2e93a6eaa373a8ad2471d173ec36cc36794704e5d239d8a13c2c7cf96fbaefcefc0387c82d45a8e6358db0c7d60ef5cdf567a1
-
SSDEEP
98304:Fcf+UxwybTS0Zv7Qxn85TCNGv2Tx69Q3L/NetUhmUV:e+UzVUnseB/NetUlV
Malware Config
Extracted
netwire
trostryprllspmret.co:2010
-
activex_autorun
false
-
copy_executable
false
-
delete_original
false
-
host_id
Diabolikk66
-
lock_executable
false
-
mutex
lVrWbEvA
-
offline_keylogger
false
-
password
Ildiablo9012
-
registry_autorun
false
-
use_mutex
true
Targets
-
-
Target
JaffaCakes118_3f8a789c0d925b9b1bcc7c78b102e5d4
-
Size
3.1MB
-
MD5
3f8a789c0d925b9b1bcc7c78b102e5d4
-
SHA1
eb802c85a806b822eb38534eade7fb18210763b1
-
SHA256
d58c16e4868f16de1d929675aa5742feaca7c416ca89968c5e538cb92d3764ff
-
SHA512
cf39246c16b7cbec9968be029e2e93a6eaa373a8ad2471d173ec36cc36794704e5d239d8a13c2c7cf96fbaefcefc0387c82d45a8e6358db0c7d60ef5cdf567a1
-
SSDEEP
98304:Fcf+UxwybTS0Zv7Qxn85TCNGv2Tx69Q3L/NetUhmUV:e+UzVUnseB/NetUlV
Score10/10-
NetWire RAT payload
-
Netwire
Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
-
Netwire family
-