CIRCL has analyzed a malware sample that was detected only sporadically, by just a handful of antivirus engines and only through heuristic detection. CIRCL examined the malware's entire command structure and was able to attribute it to the malware NetWiredRC.
NetWiredRC is a remote access Trojan that is used to gain complete control over a victim’s computer. It allows attackers to establish an unauthorized connection to an infected computer and control it remotely. With this malware, criminals can steal information, install other threats and even control the computer directly. The malware is a feature-rich Remote Access Tool, and compared to its identified predecessors, this specific version implements even more features.
CIRCL recommends reviewing the Indicators of Compromise (IOCs) in the report that has just been released and comparing them against the log files produced by servers in your organization's infrastructure, including proxy, A/V and system logs.
To view the entire report, please go to: https://www.circl.lu/pub/tr-23/