General
-
Target
724c0d5e9bbc33eb355d541345042481.exe
-
Size
2.3MB
-
Sample
240618-g67nzsverm
-
MD5
724c0d5e9bbc33eb355d541345042481
-
SHA1
d153ab5994a2fcdb374ede389e2d0176e83d5e4a
-
SHA256
bd148ba09c1e9151900f96e013df643b0f07ac2d17be23a188fa207eb8d27c1a
-
SHA512
572d5424b5642cd0fac8d0c6336d5064b681ae7314d395bd181f5240cbc3384f796c05b87aef591d53e078d1f41021cedbd8350d652f19e6caab4f0957f172ba
-
SSDEEP
49152:qBmOR4+v3lDSpPGUOWo7FONmdAxOwVVpHfOA:CmOjQfoTrwDpHfOA
Malware Config
Targets
-
-
Target
724c0d5e9bbc33eb355d541345042481.exe
-
Size
2.3MB
-
MD5
724c0d5e9bbc33eb355d541345042481
-
SHA1
d153ab5994a2fcdb374ede389e2d0176e83d5e4a
-
SHA256
bd148ba09c1e9151900f96e013df643b0f07ac2d17be23a188fa207eb8d27c1a
-
SHA512
572d5424b5642cd0fac8d0c6336d5064b681ae7314d395bd181f5240cbc3384f796c05b87aef591d53e078d1f41021cedbd8350d652f19e6caab4f0957f172ba
-
SSDEEP
49152:qBmOR4+v3lDSpPGUOWo7FONmdAxOwVVpHfOA:CmOjQfoTrwDpHfOA
Score10/10-
NetSupport
NetSupport is a remote access tool sold as a legitimate system administration software.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-