General

Target: bee129f1cc4bccacd607f73735564d77.exe
Size: 3.4MB
Sample: 230722-hvcj5shh53
MD5: bee129f1cc4bccacd607f73735564d77
SHA1: 868f5d1e1d60b00178679dd6b006aac2a7d8eca5
SHA256: 463e3a3781754963ddd5b65b237ed60d56dd58182abf25e3a3093fadfb68349f
SHA512: 9ed4de70e41268b90ee18953f76b92d6c44d7857b677ad482af69030bea38771fdeedeb0e58a4bccb565172734dd35cb4d102a0cd6394f5f3d26c771d8d808af
SSDEEP: 24576:bsv556Cux3LfT3AwCXSzww19rehwcwNvs/21CPf/VqlOBh9paD4z17iY6zUzby5g:y5GcaehwJN4f/QlOBhGCY4e59z4xg6
Static task: static1

Behavioral task: behavioral1
Sample: bee129f1cc4bccacd607f73735564d77.exe
Resource: win7-20230712-en

Behavioral task: behavioral2
Sample: bee129f1cc4bccacd607f73735564d77.exe
Resource: win10v2004-20230703-en
Malware Config
Targets
Target: bee129f1cc4bccacd607f73735564d77.exe
Score: 10/10

NetSupport
NetSupport is a remote access tool sold as legitimate system administration software.

Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.

Executes dropped EXE

Loads dropped DLL

Suspicious use of SetThreadContext