General
-
Target
904ee5da45c1127f2137c557670ec4f9.bin
-
Size
2.1MB
-
Sample
230525-b1vjksgb3t
-
MD5
e6d6c177b4831119eacb6273f601bc37
-
SHA1
5c9995c9db3fb5cf08291e1c3cb1f3fc26c8679f
-
SHA256
730112b1346f3abdf37ec57fed713d6d044053a3fea451f532a41df0d4b3ff52
-
SHA512
3604e228e0eb0dc7ccfbdb36313482bdfa04edc88500795a2b3df492283fbfdf530d6a21d1278a8c15686565d97146728acde02464e2c803fa58a3d3ee7f4af9
-
SSDEEP
49152:JzRJ8G9Td9x2R6ki3ACPyEsNqIXP12fyDJ5sie1k/ajDTV:JVJnp9x2RjCPZmP12fbiL0DTV
Static task
static1
Behavioral task
behavioral1
Sample
b41a4eb5971f4dd7b443bd68f92f6af92735d6db5a258e372d57b499882c866a.ps1
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
b41a4eb5971f4dd7b443bd68f92f6af92735d6db5a258e372d57b499882c866a.ps1
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
b41a4eb5971f4dd7b443bd68f92f6af92735d6db5a258e372d57b499882c866a.ps1
-
Size
2.8MB
-
MD5
904ee5da45c1127f2137c557670ec4f9
-
SHA1
7e47e5bd00e73bf6758ec90c50409d9e65bd25a3
-
SHA256
b41a4eb5971f4dd7b443bd68f92f6af92735d6db5a258e372d57b499882c866a
-
SHA512
1e77356c3a6f9833c4a398888348cc60f8c8a0beff514878489706bf60f1e39bcf46c20d811db408b43fb100a4fe642eef932123109d35d6dce5391a4d9eee0b
-
SSDEEP
24576:PpnJM5qB0dazVfVvKKLg2MVlY9kw9a89rS6+MAagBHMWWy/k9VFYTyKzvzYNzyfd:PaazVJK5VlYt9YAy5jMRqqo12+3IXA
Score
10/10
-
NetSupport
NetSupport is a remote access tool sold as legitimate system administration software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-