General
-
Target
packagedream.vbs
-
Size
1.3MB
-
Sample
240119-zxn5dsdfcm
-
MD5
71c63492e60f3670f0ad59f7aab30e8a
-
SHA1
508a4fbfc5b583837e59ff82564470a44a8594a7
-
SHA256
8928ad0871ecd5da5467bc5493583fad716eba2419f28531651ca0fbbbd80553
-
SHA512
a02e33f5c26f03f7c0353839e98dceac4e343487afc28f3e5e1bb8e6006b32fb8187eea237b4d310649a0f1381ca8085f14f43350ca6bb415462640a62a97187
-
SSDEEP
6144:SElhcrN0xmjYbEeq776GPxejmTGt1uF7JFI:p
Static task
static1
Behavioral task
behavioral1
Sample
packagedream.vbs
Resource
win10-20231215-en
Malware Config
Targets
-
-
Target
packagedream.vbs
-
Size
1.3MB
-
MD5
71c63492e60f3670f0ad59f7aab30e8a
-
SHA1
508a4fbfc5b583837e59ff82564470a44a8594a7
-
SHA256
8928ad0871ecd5da5467bc5493583fad716eba2419f28531651ca0fbbbd80553
-
SHA512
a02e33f5c26f03f7c0353839e98dceac4e343487afc28f3e5e1bb8e6006b32fb8187eea237b4d310649a0f1381ca8085f14f43350ca6bb415462640a62a97187
-
SSDEEP
6144:SElhcrN0xmjYbEeq776GPxejmTGt1uF7JFI:p
Score10/10-
NetSupport
NetSupport is a remote access tool sold as a legitimate system administration software.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-