General
-
Target
E52BE8968152E665685D030C8D641540.exe
-
Size
2.0MB
-
Sample
240208-jptrxadb52
-
MD5
e52be8968152e665685d030c8d641540
-
SHA1
b6fffdeb2df0789cef2201416894f5ca6e055bfc
-
SHA256
ea35797a9556636378031645a48f089087cd258f8e40e1399aa371b2cca3cb7f
-
SHA512
e1f522f0d445bbaa371bcaac6ee780210ada01fb6702934777c3465afa374d7ea6d5dc97fbd50417e31a720a2839318821006f8d3f898773003b5d78c73c5482
-
SSDEEP
49152:mXeTIVDZ5quXQqyAZF8L5wfHIvDVeoyS69XZJJdxopHq:mXe0RZlXQq5ZeLW/KynLJdypHq
Static task
static1
Behavioral task
behavioral1
Sample
E52BE8968152E665685D030C8D641540.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
E52BE8968152E665685D030C8D641540.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
E52BE8968152E665685D030C8D641540.exe
-
Size
2.0MB
-
MD5
e52be8968152e665685d030c8d641540
-
SHA1
b6fffdeb2df0789cef2201416894f5ca6e055bfc
-
SHA256
ea35797a9556636378031645a48f089087cd258f8e40e1399aa371b2cca3cb7f
-
SHA512
e1f522f0d445bbaa371bcaac6ee780210ada01fb6702934777c3465afa374d7ea6d5dc97fbd50417e31a720a2839318821006f8d3f898773003b5d78c73c5482
-
SSDEEP
49152:mXeTIVDZ5quXQqyAZF8L5wfHIvDVeoyS69XZJJdxopHq:mXe0RZlXQq5ZeLW/KynLJdypHq
Score10/10-
NetSupport
NetSupport is a remote access tool sold as a legitimate system administration software.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-