c0695c4f73a5a26beaaf5402c949f0be.exe

General
Target

c0695c4f73a5a26beaaf5402c949f0be.exe

Size

2MB

Sample

201029-q8e1sz7k2a

Score
10 /10
MD5

c0695c4f73a5a26beaaf5402c949f0be

SHA1

02356f440a5d13768657fe233e48bf9f8c3b1f17

SHA256

68313d4b45cc908f541dd581d7b9d1e8ccadcbf205714c12c36b58083ada7345

SHA512

eeecb03ee1324968eb8dfa48ece8b45ff80e22cb20c0288a1c4643cacee074e6279d8291b71f02aa38193e40db9f40bc2527b78879dd701440900e9eb6e55aa1

Malware Config
Targets
Target

c0695c4f73a5a26beaaf5402c949f0be.exe

MD5

c0695c4f73a5a26beaaf5402c949f0be

Filesize

2MB

Score
10 /10
SHA1

02356f440a5d13768657fe233e48bf9f8c3b1f17

SHA256

68313d4b45cc908f541dd581d7b9d1e8ccadcbf205714c12c36b58083ada7345

SHA512

eeecb03ee1324968eb8dfa48ece8b45ff80e22cb20c0288a1c4643cacee074e6279d8291b71f02aa38193e40db9f40bc2527b78879dd701440900e9eb6e55aa1

Tags

Signatures

  • NetSupport

    Description

    NetSupport is a remote access tool sold as a legitimate system administration software.

    Tags

  • Executes dropped EXE

  • Drops startup file

  • Loads dropped DLL

  • JavaScript code in executable

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Discovery
            Execution
              Exfiltration
                Impact
                  Initial Access
                    Lateral Movement
                      Persistence
                        Privilege Escalation
                          Tasks

                          static1

                          behavioral1

                          10/10

                          behavioral2

                          10/10