General

  • Target

    bee129f1cc4bccacd607f73735564d77.exe

  • Size

    3.4MB

  • Sample

    230722-hvcj5shh53

  • MD5

    bee129f1cc4bccacd607f73735564d77

  • SHA1

    868f5d1e1d60b00178679dd6b006aac2a7d8eca5

  • SHA256

    463e3a3781754963ddd5b65b237ed60d56dd58182abf25e3a3093fadfb68349f

  • SHA512

    9ed4de70e41268b90ee18953f76b92d6c44d7857b677ad482af69030bea38771fdeedeb0e58a4bccb565172734dd35cb4d102a0cd6394f5f3d26c771d8d808af

  • SSDEEP

    24576:bsv556Cux3LfT3AwCXSzww19rehwcwNvs/21CPf/VqlOBh9paD4z17iY6zUzby5g:y5GcaehwJN4f/QlOBhGCY4e59z4xg6

Score
10/10

Targets

    • Target

      bee129f1cc4bccacd607f73735564d77.exe

    Score
    10/10
    • NetSupport

      NetSupport is a remote access tool sold as legitimate system administration software.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
