Overview

overview

10

Static

static

1

client/client32.exe

windows10-1703-x64

10

client/client32.exe

windows10-2004-x64

10

client/client32.exe

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    netsupport25.zip

  • Size

    2.2MB

  • Sample

    240424-sp8eqscc62

  • MD5

    d9b6c10970b94d21e3f2077b54a63818

  • SHA1

    98f404cb5ce1d0d90a56f20377df3861f2164c25

  • SHA256

    7441c425b0ec105239414af3341a42a5d0f9d4fd9495db03d48746d9914ab438

  • SHA512

    c24bbff0a5928c8679a7e2f09457ce4fc56dfa31fa02c9c8fee16ffb1d287805956ab70c373f58713cf85d1ec0a477bc8ac793ff153ae8eb422b0b776c83ec4a

  • SSDEEP

    49152:x7VQNflTPMa/OxjJ1hQKa/ZK770FH244xSbBVLmLELJ6QWT:ZePMa/OxhF46YFH2HSbnCLQS

Score
10/10
netsupportrat

Malware Config

Targets

    • Target

      client/client32.exe

    • Size

      54KB

    • MD5

      9497aece91e1ccc495ca26ae284600b9

    • SHA1

      a005d8ce0c1ea8901c1b4ea86c40f4925bd2c6da

    • SHA256

      1b63f83f06dbd9125a6983a36e0dbd64026bb4f535e97c5df67c1563d91eff89

    • SHA512

      4c892e5029a707bcf73b85ac110d8078cb273632b68637e9b296a7474ab0202320ff24cf6206de04af08abf087654b0d80cbecfae824c06616c47ce93f0929c9

    • SSDEEP

      1536:HtvrImfzoXK6DDvvvDvpvZMt+pan/opgRl2:lImfzoXK9/o66

    Score
    10/10
    netsupportrat

    • NetSupport

      NetSupport is a remote access tool sold as a legitimate system administration software.

      ratnetsupport
    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks