General
-
Target
c3796170ce376b63718d114c759fc1c69045d09ce0923f74ad96ba8fc734d142
-
Size
749.4MB
-
Sample
221203-3hjsxafb35
-
MD5
35236ddbbeaffdbdbfbf0c9b26a300c2
-
SHA1
4e4f97b9f77e04a9917d85c6d2b3c49e9769089f
-
SHA256
c3796170ce376b63718d114c759fc1c69045d09ce0923f74ad96ba8fc734d142
-
SHA512
1146a6dd72cfdc103707c811c38bb9af439ce9fd90965599d638ca95b70a81edb82ab1b56f87ccb2766b7b2beb6bf4f838514215861e2cd7f7f57e6fb728021d
-
SSDEEP
786432:d1GbxO4RF4z4aIieFtnzZxVsWM0l3JSRR7faj/O631h6QeXJDjAwAZcho:d1gxV7g4aIiw9xVnMc5SX0/AQ6TAZG
Malware Config
Targets
-
-
Target
c3796170ce376b63718d114c759fc1c69045d09ce0923f74ad96ba8fc734d142
-
Size
749.4MB
-
MD5
35236ddbbeaffdbdbfbf0c9b26a300c2
-
SHA1
4e4f97b9f77e04a9917d85c6d2b3c49e9769089f
-
SHA256
c3796170ce376b63718d114c759fc1c69045d09ce0923f74ad96ba8fc734d142
-
SHA512
1146a6dd72cfdc103707c811c38bb9af439ce9fd90965599d638ca95b70a81edb82ab1b56f87ccb2766b7b2beb6bf4f838514215861e2cd7f7f57e6fb728021d
-
SSDEEP
786432:d1GbxO4RF4z4aIieFtnzZxVsWM0l3JSRR7faj/O631h6QeXJDjAwAZcho:d1gxV7g4aIiw9xVnMc5SX0/AQ6TAZG
Score10/10-
NetSupport
NetSupport is a remote access tool sold as a legitimate system administration software.
-
Executes dropped EXE
-
Sets file to hidden
Modifies file attributes to stop it showing in Explorer etc.
-
Loads dropped DLL
-
Adds Run key to start application
-