Extracted

• • Target

    ae159f022c6073ba1354103afc1d80f713aea24f01875ac242b47789a24cb6f0N.exe

  • Size

    1.3MB

  • MD5

    7213f4e9e0e8bf90552fc6e925eb3d40

  • SHA1

    579aae55eae1873bf8611cca29883ade9380534f

  • SHA256

    ae159f022c6073ba1354103afc1d80f713aea24f01875ac242b47789a24cb6f0

  • SHA512

    5180119c129268599a6faacf3be7ec55074464b1a3f2fe81c324f39093b440be49e2bf471d717ec699fd778dbbec644e6e0aa55a9b9ac86f4caf88c7f95d42ac

  • SSDEEP

    24576:eAHnh+eWsN3skA4RV1Hom2KXMmHaPanF0v6556ACILT5l:Jh+ZkldoPK8YaPgr8IBl

  Score

  10^/10

  netwirebotnetdiscoveryratstealer

  • NetWire RAT payload

    rat

  • Netwire

    Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.

    botnetstealernetwire

  • Netwire family

    netwire

  • Drops startup file

  • Suspicious use of SetThreadContext

  behavioral1behavioral2