General
-
Target
JaffaCakes118_b986b09d78ae8fa69c46a83c30e76232
-
Size
160KB
-
Sample
250109-c3djhsxkeq
-
MD5
b986b09d78ae8fa69c46a83c30e76232
-
SHA1
5f30fc30a06b8eb145240617200c936f8f9efc07
-
SHA256
849684689850c5c2966545101f9502544c2d69b71db493d3a6a8b30460d68e82
-
SHA512
cc009e0622cc4a104d021b9d759d9609e4f45de4fe89565ab9fc9b29de190e4a07058bf8bae7ec5b7d1cdd089a143fe7bffff904091f6cdba6b741725d0ac998
-
SSDEEP
3072:jOzPcXa+ND32eioGHlz8rnAE0HCXh0edLvhcYMjMqqDvFf:jOTcK+NrRioGHlz8rz0i/hczQqqDvFf
Behavioral task
behavioral1
Sample
JaffaCakes118_b986b09d78ae8fa69c46a83c30e76232.exe
Resource
win7-20240903-en
Malware Config
Extracted
netwire
bazerasedazacnetw139.xyz:2010
-
activex_autorun
false
-
copy_executable
false
-
delete_original
false
-
host_id
Diabolikk66
-
lock_executable
false
-
mutex
CPsxxpUm
-
offline_keylogger
false
-
password
Ildiablo9012
-
registry_autorun
false
-
use_mutex
true
Targets
-
NetWire RAT payload
-
Netwire family
-