netsupport | bdc92bd99badb33688732e6ff8ff1045b8a798052ba4444724c3256940541415 | Triage

Submit
Reports

Overview

overview

Static

static

3

FE5C7415EB...FD.exe

windows7-x64

FE5C7415EB...FD.exe

windows10-2004-x64

8

Sharing

General

Target

FE5C7415EB448B1666003CF825C8AAFD.exe
Size

3.1MB
Sample

231025-wyl5msee71
MD5

fe5c7415eb448b1666003cf825c8aafd
SHA1

91527aeef26a794945448440ce8b65ee800c6b27
SHA256

bdc92bd99badb33688732e6ff8ff1045b8a798052ba4444724c3256940541415
SHA512

90cc39017e8976077b767dae87dab94b9483a52543e64ab03fe5fab74a4321a7b60d30255d4aaf91fe3112ead6254fb0ed301b7f4ee82153a18b33538982d755
SSDEEP

98304:ykLboYWh8JAV/VH97F3tlQ+Yt29s4C1eH9p:dUQJAZVdVQ+Yt5o9p

Score

10^/10

netsupport discovery rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

FE5C7415EB448B1666003CF825C8AAFD.exe

Resource

win7-20231020-en

netsupport discovery rat

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

FE5C7415EB448B1666003CF825C8AAFD.exe

Resource

win10v2004-20231020-en

windows10-2004-x64

17 signatures

150 seconds

Malware Config

Targets

- Target
  
  FE5C7415EB448B1666003CF825C8AAFD.exe
- Size
  
  3.1MB
- MD5
  
  fe5c7415eb448b1666003cf825c8aafd
- SHA1
  
  91527aeef26a794945448440ce8b65ee800c6b27
- SHA256
  
  bdc92bd99badb33688732e6ff8ff1045b8a798052ba4444724c3256940541415
- SHA512
  
  90cc39017e8976077b767dae87dab94b9483a52543e64ab03fe5fab74a4321a7b60d30255d4aaf91fe3112ead6254fb0ed301b7f4ee82153a18b33538982d755
- SSDEEP
  
  98304:ykLboYWh8JAV/VH97F3tlQ+Yt29s4C1eH9p:dUQJAZVdVQ+Yt5o9p
Score

10^/10

netsupport discovery rat
- NetSupport
  NetSupport is a remote access tool sold as a legitimate system administration software.
  rat netsupport
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Blocklisted process makes network request
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

netsupportdiscoveryrat

behavioral2

© 2018-2025

Terms | Privacy