General

  • Target

    CB140E011A9F85340F5C488A56604469.exe

  • Size

    2.1MB

  • Sample

    231211-lkw3ksbbgk

  • MD5

    cb140e011a9f85340f5c488a56604469

  • SHA1

    962216ba23f8bb522849076dbc6d7d8137ad0cc7

  • SHA256

    520aa5d7a22badb0dfc60f71032dce372d36a392f5474847cdf867e48a28ec6d

  • SHA512

    eb95e2deb3879634e6e6f237d88faf603bd3d3bc1dff6404d9bad2c6d6e0d4c42e61ac47c12acaf6ba47d52d60afb75a5231743ba29675a50e65e39c5a15cc34

  • SSDEEP

    49152:c0zZBDJkFSrSzXcW5FLEg95FnkLl6XVQsZL2UvMSvWNE7+thP4Gz2:c+zkFSrmXcA7p8l6GKDTe8+tJE

Score
10/10

Targets

    • NetSupport

      NetSupport is a remote access tool sold as legitimate system administration software.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL
