Details
FileName | |
---|---|
Malware Family | NetWire |
Date Added | 2016-01-10 22:29:25 |
MD5 | b10e96e41ade7b975fd7a3c4ff3de75e |
Sha256 | 147517e4cc9117d6b56c204309100dfaa735104f9d2400dac265d5d79596a04c |
Config Data
Use a mutex | True |
---|---|
Startup Name | svchost |
Install Path | %AppData%\Install\GIGA.exe |
Host ID | GOOD |
Proxy Option | Direct connection |
Registry autorun | True |
Proxy Server | Not Configured |
Mutex | gwHeOXNM |
ActiveX Key | {541MLYIX-6YXC-J02K-DOIW-45EMHA66ET03} |
Domains | ['kingpop.no-ip.org:3360'] |
ActiveX autorun | True |
Lock executable | True |
KeyLog Dir | %AppData%\Logs\ |
Offline keylogger | True |
Password | Password |
Copy executable | True |
Delete original | True |
VirusTotal
45 out of 54 AV engines identified the sample as malicious.