NetWire RC

Netwire is a RAT, its functionality seems focused on password stealing and keylogging, but includes remote control capabilities as well.

Keylog files are stored on the infected machine in an obfuscated form. The algorithm is:

        for i in range(0,num_read):
            buffer[i] = ((buffer[i]-0x24)^0x9D)&0xFF

Family metadata imported from Malpedia (Fraunhofer FKIE).