netwire | 23fd501c884e2f46d38af81b0d6e423ea0bff8c5eee615227806faf7b2833827 | Triage

Submit
Reports

Overview

overview

Static

static

23fd501c88...27.exe

windows7_x64

23fd501c88...27.exe

windows10_x64

Sharing

General

Target

23fd501c884e2f46d38af81b0d6e423ea0bff8c5eee615227806faf7b2833827
Size

1.2MB
Sample

200624-b8k1myeqte
MD5

c78124cbf501154c3322e594cb076e17
SHA1

dd8b28a78383e3435487178509a18a21d1385d61
SHA256

23fd501c884e2f46d38af81b0d6e423ea0bff8c5eee615227806faf7b2833827
SHA512

db3e711f00bf77ee7147f16f5426cf7594bddb2f70731cc97b8f6e28a4b4ba6eae238f51b3c9bcb91338e24e01f12df5801487db98587b961a221f23b0174a1f

Score

10^/10

netwire botnet rat stealer

Static task

static1

Behavioral task

behavioral1

Sample

23fd501c884e2f46d38af81b0d6e423ea0bff8c5eee615227806faf7b2833827.exe

Resource

win7

rat botnet stealer netwire

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

23fd501c884e2f46d38af81b0d6e423ea0bff8c5eee615227806faf7b2833827.exe

Resource

win10v200430

rat botnet stealer netwire

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  23fd501c884e2f46d38af81b0d6e423ea0bff8c5eee615227806faf7b2833827
- Size
  
  1.2MB
- MD5
  
  c78124cbf501154c3322e594cb076e17
- SHA1
  
  dd8b28a78383e3435487178509a18a21d1385d61
- SHA256
  
  23fd501c884e2f46d38af81b0d6e423ea0bff8c5eee615227806faf7b2833827
- SHA512
  
  db3e711f00bf77ee7147f16f5426cf7594bddb2f70731cc97b8f6e28a4b4ba6eae238f51b3c9bcb91338e24e01f12df5801487db98587b961a221f23b0174a1f
Score

10^/10

rat botnet stealer netwire
- NetWire RAT payload
  rat
- Netwire
  Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
  botnet stealer netwire
- Drops startup file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

ratbotnetstealernetwire

behavioral2

ratbotnetstealernetwire

© 2018-2024

Terms | Privacy