Details
FileName | |
---|---|
Malware Family | NetWire |
Date Added | 2016-01-10 22:28:06 |
MD5 | 26c5a719b6da3b3c6b9be4e68da0439b |
Sha256 | 90571d1be5adf7bfa24397754c71ad12de55d7e5ccb60cb98a7ef9f83462a137 |
Robot | Robots lovingly delivered by robohash.org |
Advertising
Config Data
Use a mutex | True |
---|---|
Startup Name | NetWire |
Install Path | %AppData%\Install\Host.exe |
Host ID | tradefair |
Proxy Option | Direct connection |
Registry autorun | True |
Proxy Server | Not Configured |
Mutex | gVrBOvTg |
ActiveX Key | - |
Domains | ['bwarioffice.dyndns-at-work.com:3360'] |
ActiveX autorun | False |
Lock executable | True |
KeyLog Dir | %AppData%\Logs\ |
Offline keylogger | True |
Password | Password |
Copy executable | True |
Delete original | True |
Virustotal
46 out of 55 AV Engines identified the sample as Malicious.