Details
FileName | |
---|---|
Malware Family | NetWire |
Date Added | 2016-01-10 22:33:50 |
MD5 | 88464e59fc7e8fc28494860a16bf3aa5 |
Sha256 | 1269855d8a83079231d8f28b867f3e5ac285c1f14689bb5a2dba0873a06c73cf |
Robot | Robots lovingly delivered by robohash.org |
Advertising
Config Data
Use a mutex | True |
---|---|
Startup Name | Wire |
Install Path | %AppData%\Install\Host.exe |
Host ID | HostId-%Rand% |
Proxy Option | Direct connection |
Registry autorun | True |
Proxy Server | Not Configured |
Mutex | GRPLtigW |
ActiveX Key | {241QQ751-WPNR-4K1Q-YNV1-5QU1DD2087O5} |
Domains | ['91.121.234.111:3360'] |
ActiveX autorun | True |
Lock executable | True |
KeyLog Dir | %AppData%\Logs\ |
Offline keylogger | True |
Password | Password |
Copy executable | True |
Delete original | True |
Virustotal
46 out of 54 AV Engines identified the sample as Malicious.