General
-
Target
JaffaCakes118_cd08f5aee51ce2ef2d4b1bd567adac90
-
Size
3.1MB
-
Sample
250109-t57zkswrcp
-
MD5
cd08f5aee51ce2ef2d4b1bd567adac90
-
SHA1
32ebfee9645f42c3719101df980832eccd24ee4c
-
SHA256
20229d2217d12e73f130c72645d7edf384c630973775d9f38326dfee0295cb12
-
SHA512
78d3c08da6f854774498f257e0a5479245376cda115773a47bfb3b621db6a0e132ad3539237bb09336f0de7b34bbf42e24c53fb02ef450edf430f2d7cf245424
-
SSDEEP
98304:Fcf+UxwybTS0Zv7Qxn85TCNGv2Tx69Q3L/NetUhmU8:e+UzVUnseB/NetUl8
Malware Config
Extracted
netwire
trostryprllspmret.co:2010
-
activex_autorun
false
-
copy_executable
false
-
delete_original
false
-
host_id
Diabolikk66
-
lock_executable
false
-
mutex
lVrWbEvA
-
offline_keylogger
false
-
password
Ildiablo9012
-
registry_autorun
false
-
use_mutex
true
Targets
-
-
Target
JaffaCakes118_cd08f5aee51ce2ef2d4b1bd567adac90
-
Size
3.1MB
-
MD5
cd08f5aee51ce2ef2d4b1bd567adac90
-
SHA1
32ebfee9645f42c3719101df980832eccd24ee4c
-
SHA256
20229d2217d12e73f130c72645d7edf384c630973775d9f38326dfee0295cb12
-
SHA512
78d3c08da6f854774498f257e0a5479245376cda115773a47bfb3b621db6a0e132ad3539237bb09336f0de7b34bbf42e24c53fb02ef450edf430f2d7cf245424
-
SSDEEP
98304:Fcf+UxwybTS0Zv7Qxn85TCNGv2Tx69Q3L/NetUhmU8:e+UzVUnseB/NetUl8
Score10/10-
NetWire RAT payload
-
Netwire
Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
-
Netwire family
-