Overview

overview

10

Static

static

1

crcGzepilSxGxnpl.ps1

windows10-1703-x64

10

crcGzepilSxGxnpl.ps1

windows10-2004-x64

1

crcGzepilSxGxnpl.ps1

windows11-21h2-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    crcGzepilSxGxnpl.ps1

  • Size

    5KB

  • Sample

    240430-r57byahc6z

  • MD5

    ebdff105260ed07e359304196412e7f3

  • SHA1

    fdf670d65bbdc033ed4718f16808e670cfc6557d

  • SHA256

    9ddf5338f04ac9632782ecc42c7c4e468c3de206717a08ec42fcafe28b92864f

  • SHA512

    2db674a5d23957ba03a8a845ba58ba4377c80db58c39bc3079da0821f0b4b25b87c1afd7fcc6fd8bb12cc9b8e2b7a49355d020f016d5bf1efb33004144b34c76

  • SSDEEP

    96:vqZrZSoNTCMiXDif9cxcopzPp0GImFlP2iwu/xzgiaP2CwuHiwu/xzgiaP2CwuHv:CZrZS+MXDiEcMzPp0PwP2iZzg5P2CniM

Score
10/10
netsupportrat

Malware Config

Targets

    • Target

      crcGzepilSxGxnpl.ps1

    • Size

      5KB

    • MD5

      ebdff105260ed07e359304196412e7f3

    • SHA1

      fdf670d65bbdc033ed4718f16808e670cfc6557d

    • SHA256

      9ddf5338f04ac9632782ecc42c7c4e468c3de206717a08ec42fcafe28b92864f

    • SHA512

      2db674a5d23957ba03a8a845ba58ba4377c80db58c39bc3079da0821f0b4b25b87c1afd7fcc6fd8bb12cc9b8e2b7a49355d020f016d5bf1efb33004144b34c76

    • SSDEEP

      96:vqZrZSoNTCMiXDif9cxcopzPp0GImFlP2iwu/xzgiaP2CwuHiwu/xzgiaP2CwuHv:CZrZS+MXDiEcMzPp0PwP2iZzg5P2CniM

    Score
    10/10
    netsupportrat

    • NetSupport

      NetSupport is a remote access tool sold as a legitimate system administration software.

      ratnetsupport

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks