Overview

overview

10

Static

static

3

client32.exe

windows7-x64

10

client32.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Jan.24.2024.zip

  • Size

    2.6MB

  • Sample

    240124-y9qnbagggp

  • MD5

    506cbfdf9ab4670a82e32e97ccce5e60

  • SHA1

    50c5c6f905eb633f44fc28ae417d600b2cf0f1c2

  • SHA256

    4179b3d47bc78322eea5377fb69d0768a3b216feb32f2e11a17bdf196546414a

  • SHA512

    29a30348e4148123f988cf539a8d7a34bbbe8770b97cbf5ba648890c3067dc74c9e3742b4bc907b9385ae53ed52d7a41429dac7bda91c66be6ba2b20b62ebb93

  • SSDEEP

    49152:iPYrzbdc+sOW9MPkHdhnHQYwzS4sBIAXIOe2jC/+W7in4aHLowHnHnXgZv6:Zfbd7sOJCdxHt9F2OefRi4apHn9

Score
10/10
netsupportrat

Malware Config

Targets

    • Target

      client32.exe

    • Size

      99KB

    • MD5

      aca274219070da800e92a8cae61235bc

    • SHA1

      7347b65bb6eaf0931220bb201c39a66206f0d2c4

    • SHA256

      21903b51f23f7af681a9f69aa066753b202af6c537b97a247d98cfbdec150d63

    • SHA512

      08df88938059e7324b755c3bc88d8943aaaf6f9244c748f521b265fd0417750e067cff077875d0168a440ad0b5fd3c1b0fa4dd5335bd707d4bf3b07e6c6ede2a

    • SSDEEP

      768:qHcHeEYjB9aFIrdXrY/TEqMVnYYEFwGxDrLabMiF:qHHF9qEGMVntqxUn

    Score
    10/10
    netsupportrat

    • NetSupport

      NetSupport is a remote access tool sold as a legitimate system administration software.

      ratnetsupport
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks