netsupport

Sharing

Copy URL

Twitter E-mail

General

Target

24_06.zip
Size

2.1MB
Sample

230630-n3m9haad2z
MD5

8a1656c0a0d3cad83f56849bbb2d2ebc
SHA1

19d7c1bf6e038a33b5914dc0a62e269cb4fe02a5
SHA256

23f72cabe7442bcb95f47a59209b18759036da3b68446d2f4148aa0f8dc42433
SHA512

c076f3332e43b08f2339ad344a3ff618f67668c0cbe70bd98fc41461666d8c85ac95a3fd4f72a2f932c6fffbc7666a17d2d2e78ed5ccf7b3eb06d0b9e46ec215
SSDEEP

49152:vZjQXorDcQhg7dMnEBJCgkh3V/4msgea3DQQ8lVG5PWZ5FvcB2:vqWg7OEB1kh3VucDn8bIP+U2

Score

10^/10

netsupport rat

Malware Config

Targets

- Target
  
  AudioCapture.dll
- Size
  
  91KB
- MD5
  
  4182f37b9ba1fa315268c669b5335dde
- SHA1
  
  2c13da0c10638a5200fed99dcdcf0dc77a599073
- SHA256
  
  a74612ae5234d1a8f1263545400668097f9eb6a01dfb8037bc61ca9cae82c5b8
- SHA512
  
  4f22ad5679a844f6ed248bf2594af94cf2ed1e5c6c5441f0fb4de766648c17d1641a6ce7c816751f0520a3ae336479c15f3f8b6ebe64a76c38bc28a02ff0f5dc
- SSDEEP
  
  1536:wrOxDJs/Ksdl0R1dBmhFXxRpP9JNvbnPUGI:3yXlQmhhHp9J9bnPTI
Score

1^/10
behavioral1 behavioral2
- Target
  
  HTCTL32.DLL
- Size
  
  320KB
- MD5
  
  2d3b207c8a48148296156e5725426c7f
- SHA1
  
  ad464eb7cf5c19c8a443ab5b590440b32dbc618f
- SHA256
  
  edfe2b923bfb5d1088de1611401f5c35ece91581e71503a5631647ac51f7d796
- SHA512
  
  55c791705993b83c9b26a8dbd545d7e149c42ee358ecece638128ee271e85b4fdbfd6fbae61d13533bf39ae752144e2cc2c5edcda955f18c37a785084db0860c
- SSDEEP
  
  6144:2ib5YbsXPKXd6ppGpwpbGf30IVFpSzyaHx3/4aY5dUilQpAf84lH0JYBAnM1OK/Y:2ib5YbsXioEgULFpSzya9/lY5SilQCfg
Score

3^/10
behavioral3 behavioral4
- Target
  
  PCICHEK.DLL
- Size
  
  18KB
- MD5
  
  a0b9388c5f18e27266a31f8c5765b263
- SHA1
  
  906f7e94f841d464d4da144f7c858fa2160e36db
- SHA256
  
  313117e723dda6ea3911faacd23f4405003fb651c73de8deff10b9eb5b4a058a
- SHA512
  
  6051a0b22af135b4433474dc7c6f53fb1c06844d0a30ed596a3c6c80644df511b023e140c4878867fa2578c79695fac2eb303aea87c0ecfc15a4ad264bd0b3cd
- SSDEEP
  
  192:1ANeiOT8Z2b6SoVF6RRHaPrpF3o47jtd3hfwHjvud3hfwx7bjuh:1ANt+E2exrpxTSDuTuih
Score

5^/10
- Drops file in System32 directory
behavioral5 behavioral6
- Target
  
  PCICL32.DLL
- Size
  
  3.5MB
- MD5
  
  35f0259df06c4605fe2743c26dd9eac5
- SHA1
  
  5ed1de8fe63d1bdd4ea7321bd27d22f162cc4168
- SHA256
  
  412674e44fa27c523e0d968244f0e4d128487daf779de17b83b94da8bf602e59
- SHA512
  
  f4e28b3ab19614d3e915a5d8333adb7805a213b31b4c7159c5d65b386f8dcc95fe3a892098a46abe92bb4ba12a31c140c97d24546c97f9c702638644bd874b71
- SSDEEP
  
  49152:BQ8QqFfxm8YV0J05xlibLK2MTc/azclSpp4sS:BQ8LFfxg5xkL1lSgT
Score

1^/10
behavioral7 behavioral8
- Target
  
  TCCTL32.DLL
- Size
  
  355KB
- MD5
  
  85db07eba81939098622ef88d572cd5b
- SHA1
  
  1af304730f1af2d4b99d20da11022bc8a1021a60
- SHA256
  
  47162edd0cf12cd37eacc44e4da35734b94f6e5a202be435c5c7a9e51eb0f3ec
- SHA512
  
  f02603e091f7fc0960cd228b845e5412934f41baaebec611f92718bf16d4f222c176734409f9bf2833ee6d8c26f3e8992eb01f9a5c53cdcbbde28eba2497cd64
- SSDEEP
  
  6144:FgL3Le4qjZqUAbuDgLNvCFWnS62AIf++H7uxxCuLe9AiD0kqfv6rr:6L3Le4qjQUAbuDUvcWnS6pIf++H7SxCh
Score

1^/10
behavioral10 behavioral9
- Target
  
  client32.exe
- Size
  
  99KB
- MD5
  
  f70b67c2b3204b7ddd8b755799cccff0
- SHA1
  
  a42e55e328d62d11e687c167bb7049d46f0f9b26
- SHA256
  
  213af995d4142854b81af3cf73dee7ffe9d8ad6e84fda6386029101dbf3df897
- SHA512
  
  54fcba8a063bfbaae4c3a39624bf3407db6af5699ab8686f936ab03c5864df7a44d089066fa2d4aedf5ad50d6b04624966a5111bf57bec1dda74a571f1dd7c63
- SSDEEP
  
  384:qUjV5+6j6Qa86Fkv2Wr120hZIq6nYPL7NheMxnB1:qgVZl6FhWr80/h6EN/
Score

10^/10

netsupport rat
- NetSupport
  NetSupport is a remote access tool sold as a legitimate system administration software.
  rat netsupport
behavioral11 behavioral12
- Target
  
  msvcr100.dll
- Size
  
  755KB
- MD5
  
  0e37fbfa79d349d672456923ec5fbbe3
- SHA1
  
  4e880fc7625ccf8d9ca799d5b94ce2b1e7597335
- SHA256
  
  8793353461826fbd48f25ea8b835be204b758ce7510db2af631b28850355bd18
- SHA512
  
  2bea9bd528513a3c6a54beac25096ee200a4e6ccfc2a308ae9cfd1ad8738e2e2defd477d59db527a048e5e9a4fe1fc1d771701de14ef82b4dbcdc90df0387630
- SSDEEP
  
  12288:nMmCy3nAgPAxN9ueqix/HEmxsvGrif8ZSy+rdQw2QRAtd74/vmYK6H3BVoe3z:MmCy3KxW3ixPEmxsvGrm8Z6r+JQPzV7z
Score

3^/10
behavioral13 behavioral14
- Target
  
  pcicapi.dll
- Size
  
  32KB
- MD5
  
  dcde2248d19c778a41aa165866dd52d0
- SHA1
  
  7ec84be84fe23f0b0093b647538737e1f19ebb03
- SHA256
  
  9074fd40ea6a0caa892e6361a6a4e834c2e51e6e98d1ffcda7a9a537594a6917
- SHA512
  
  c5d170d420f1aeb9bcd606a282af6e8da04ae45c83d07faaacb73ff2e27f4188b09446ce508620124f6d9b447a40a23620cfb39b79f02b04bb9e513866352166
- SSDEEP
  
  768:FFvNhAyi5hHA448qZkSn+EgT8To1iTYiu:FCyoHA448qSSzgI2GQ
Score

1^/10
behavioral15 behavioral16
- Target
  
  remcmdstub.exe
- Size
  
  58KB
- MD5
  
  ba2a1815e16b357eeff23b8394457aa5
- SHA1
  
  2492e2393cdaed5678ea0a573c50d06ec5f191f4
- SHA256
  
  e14c3224215ea91587e96b995861e8966166dfc08ab4d409bd729770815b3b81
- SHA512
  
  d505a1a17c44a96e74f94238b3623d7e6064b8c94007f2d94d6626eeee3ba75db92e569bc864c90096eabf61a0cd68ae690461b43b6e429b4deda1b44e18ba41
- SSDEEP
  
  1536:Wf6nvXuNcAjJMBUHYBlXU1wT2JFqyuAQYPT:g6nPcjJ4U4I1jFqyuHuT
Score

5^/10
- Drops file in System32 directory
behavioral17 behavioral18

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Drops file in System32 directory

Drops file in System32 directory

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18