Extracted

• • Target

    JaffaCakes118_6483c1922c730b0801cd9f3765ea8056

  • Size

    172KB

  • MD5

    6483c1922c730b0801cd9f3765ea8056

  • SHA1

    43b4a9952ad20fefc9242b829518087426be5519

  • SHA256

    57ce6e0c3958f55d0086ea3941d77cd063b47787ad5fcc0e95c985b3b805fc90

  • SHA512

    4b7d4e819d333a3a297792cf40faf6bf1632dffcc5365fdbdace5ba9aa51b7dcdd53994a2a1674a6f513bcf3c5cc9121a997c7cb45273d78ad8ff2bd45f66faa

  • SSDEEP

    3072:r6RrEikYA0QdTh532O8QXJlx3er+jL7ScA96TElZIajM/naFhNlUw4WOXZJ:rd0Ih532Kd3zjL7S1kEl7jyaFJm

  Score

  10^/10

  netwirebotnetdiscoveryratstealer

  • NetWire RAT payload

    rat

  • Netwire

    Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.

    botnetstealernetwire

  • Netwire family

    netwire

  • Drops startup file

  • Suspicious use of SetThreadContext

  behavioral1behavioral2