General
-
Target
file4.ps1
-
Size
2KB
-
Sample
230512-nl5gfsch45
-
MD5
97b66f50d529a72add418aaf982a6b10
-
SHA1
bd043133d069a76d0ce7fa8306eb532f25ffdacc
-
SHA256
bad8dd8a1fc90352747ebc4c70c7017f39c42df06016f8ddd8b59e49b5586969
-
SHA512
3fa03566415e4632a375343d1d0fb763c9feef341596aeb16d036232dfaac0bd5275e8cfb150299466733fa32e97a46f9d2885b3c014682890ce1fb22db02d4c
Static task
static1
Behavioral task
behavioral1
Sample
file4.ps1
Resource
win10v2004-20230220-de
Malware Config
Extracted
http://193.233.232.150/view.php
Targets
Target
file4.ps1
Score
10/10
-
NetSupport
NetSupport is a remote access tool sold as legitimate system administration software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-