Details
Malware Family NetWire
Date Added Jan. 7, 2016, 9:06 p.m.
MD5 19c13f01dc569dbf5b2628e368008cbc
Sha256 1b7aaca514f02d98fa433d5785bfd366d23b9f6ff2185832e3034c4185b41ddc
Robot Robots lovingly delivered by robohash.org
Config Sections
Delete original False
ActiveX autorun False
Install Path -
Copy executable False
Host ID NETERS
Lock executable False
ActiveX Key -
Use a mutex False
Mutex -
Proxy Server Not Configured
Registry autorun True
Offline keylogger True
Domains ['cherrymason1212.no-ip.org:9898']
Startup Name NetWire
Password teamoluwa
KeyLog Dir %AppData%\Logs\
Proxy Option Direct connection
Advertising
VirusTotal

33 out of 55 AV's Identified the sample as Malicious

Virus Total Report

Domain Data
Domain IP Country Code
cherrymason1212.no-ip.org 105.112.34.155 NG
Geo Location
Yara Rules
Comments
comments powered by Disqus