Extracted

• • Target

    983983983.js

  • Size

    3KB

  • MD5

    ba6b5465ba6388b33d038a2228939022

  • SHA1

    798f388a9a1fc105d4d43b3941d093706714cdb8

  • SHA256

    31ea2d2861601ae0fa968ba952aad8dc78e0f5da2bfeb2a5c2073ff4170684e9

  • SHA512

    02eb2e18c5040c90c8e5108b580feabe7f17c0f414c5c29d0fbc5f10f8e4aba7921e49c6d4c5d611f7b6c8ad97c7d5d1dad10d1a536fed6543716462bded21ee

  Score

  10^/10

  netsupportpersistencerat

  • NetSupport

    NetSupport is a remote access tool sold as a legitimate system administration software.

    ratnetsupport

  • Blocklisted process makes network request

  • Executes dropped EXE

  • Loads dropped DLL

  • Adds Run key to start application

    persistence
  behavioral1behavioral2