General

  • Target

    packagedream.vbs

  • Size

    1.3MB

  • Sample

    240119-zxn5dsdfcm

  • MD5

    71c63492e60f3670f0ad59f7aab30e8a

  • SHA1

    508a4fbfc5b583837e59ff82564470a44a8594a7

  • SHA256

    8928ad0871ecd5da5467bc5493583fad716eba2419f28531651ca0fbbbd80553

  • SHA512

    a02e33f5c26f03f7c0353839e98dceac4e343487afc28f3e5e1bb8e6006b32fb8187eea237b4d310649a0f1381ca8085f14f43350ca6bb415462640a62a97187

  • SSDEEP

    6144:SElhcrN0xmjYbEeq776GPxejmTGt1uF7JFI:p

Score
10/10

Malware Config

Targets

    • Target

      packagedream.vbs

    • Size

      1.3MB

    • MD5

      71c63492e60f3670f0ad59f7aab30e8a

    • SHA1

      508a4fbfc5b583837e59ff82564470a44a8594a7

    • SHA256

      8928ad0871ecd5da5467bc5493583fad716eba2419f28531651ca0fbbbd80553

    • SHA512

      a02e33f5c26f03f7c0353839e98dceac4e343487afc28f3e5e1bb8e6006b32fb8187eea237b4d310649a0f1381ca8085f14f43350ca6bb415462640a62a97187

    • SSDEEP

      6144:SElhcrN0xmjYbEeq776GPxejmTGt1uF7JFI:p

    Score
    10/10
    • NetSupport

      NetSupport is a remote access tool sold as a legitimate system administration software.

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks