netsupport | f578371283ea332b5118e584b1c6f0910dad7140554f8a05148f6709c6cad1da | Triage

Sharing

Copy URL Twitter E-mail

General

Target

servs6572.js
Size

46KB
Sample

230708-kdjm8seb2v
MD5

d0bae3a9204c735791f07d7c0d6d2951
SHA1

e78a56d38f7ed6fa8516f6924f8378e9716bac5c
SHA256

f578371283ea332b5118e584b1c6f0910dad7140554f8a05148f6709c6cad1da
SHA512

ffd13cf98bdc9a00d73a4d13723e11a08926d6204023b941f8f318d870f42d4d54030800629fd746e04a415135d2eea6c99f01408307e9dba353189b3d18c51a
SSDEEP

768:MHisCv89uYMvvd2q8g8oI/+I/aJ09blD31TZPu2Bfjn55BYEPrOBoZKnDM:MCs1lYI/+LJ09bh3NZ221b55BVOBCKDM

Score

10^/10

netsupport rat

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

exe.dropper

https://ecotree.co.in/images/cora.zip

exe.dropper

https://ecotree.co.in/images/files/cora.zip

Extracted

Language

ps1

Deobfuscated

URLs

exe.dropper

https://ecotree.co.in/images/cora.zip

exe.dropper

https://ecotree.co.in/images/files/cora.zip

Targets

- Target
  
  servs6572.js
- Size
  
  46KB
- MD5
  
  d0bae3a9204c735791f07d7c0d6d2951
- SHA1
  
  e78a56d38f7ed6fa8516f6924f8378e9716bac5c
- SHA256
  
  f578371283ea332b5118e584b1c6f0910dad7140554f8a05148f6709c6cad1da
- SHA512
  
  ffd13cf98bdc9a00d73a4d13723e11a08926d6204023b941f8f318d870f42d4d54030800629fd746e04a415135d2eea6c99f01408307e9dba353189b3d18c51a
- SSDEEP
  
  768:MHisCv89uYMvvd2q8g8oI/+I/aJ09blD31TZPu2Bfjn55BYEPrOBoZKnDM:MCs1lYI/+LJ09bh3NZ221b55BVOBCKDM
Score

10^/10

netsupport rat
- NetSupport
  NetSupport is a remote access tool sold as a legitimate system administration software.
  rat netsupport
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

BITS Jobs

Privilege Escalation

Defense Evasion

BITS Jobs

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2