Overview

overview

10

Static

static

nesup2.zip

windows7-x64

1

nesup2.zip

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    nesup2.zip

  • Size

    2.2MB

  • Sample

    230130-yek5cadh81

  • MD5

    d2cac6abc76f2aa03d293498c595f99b

  • SHA1

    5c57f127c94d67da3f5d6719a6c944a0b3c26162

  • SHA256

    de6a89f52103b1d03b5c2f27c9c04aac06b7d7b486469e5fca0de02c0f8d71de

  • SHA512

    43604c96cb31ffac4bf7b58b29b611ba1de5679007f0618849fcdbff4150bc91758b73dbdb72d0319e9c96781d154f034c4cfcd09d25d1fba95f2c21ad7e78ac

  • SSDEEP

    49152:lZh8S85PWZ5FvcB/Q6J3WM202p5GutgAJuIxyxWCf:azP+Uo89i7JDmWG

Score
10/10
netsupportrat

Malware Config

Targets

    • Target

      nesup2.zip

    • Size

      2.2MB

    • MD5

      d2cac6abc76f2aa03d293498c595f99b

    • SHA1

      5c57f127c94d67da3f5d6719a6c944a0b3c26162

    • SHA256

      de6a89f52103b1d03b5c2f27c9c04aac06b7d7b486469e5fca0de02c0f8d71de

    • SHA512

      43604c96cb31ffac4bf7b58b29b611ba1de5679007f0618849fcdbff4150bc91758b73dbdb72d0319e9c96781d154f034c4cfcd09d25d1fba95f2c21ad7e78ac

    • SSDEEP

      49152:lZh8S85PWZ5FvcB/Q6J3WM202p5GutgAJuIxyxWCf:azP+Uo89i7JDmWG

    Score
    10/10
    netsupportrat

    • NetSupport

      NetSupport is a remote access tool sold as a legitimate system administration software.

      ratnetsupport

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks