netsupport | 1f070563944bd7a8a6182a78aab0b230881ac3d46e45d44eed2e06c16aa22e6c | Triage

Sharing

General

Target

programm.zip
Size

2.1MB
Sample

240725-cax3fs1erj
MD5

f9f00d953e05f1d3bfcd7ba7aa4c3bac
SHA1

cdea42fa34df93711b9a8aa6ce0ff1cbaca5ed4b
SHA256

1f070563944bd7a8a6182a78aab0b230881ac3d46e45d44eed2e06c16aa22e6c
SHA512

06fc6f23f3d1b51f178732fa007d18e91baca89460deca60a5be8f5e56942bab5e5b40efed55025d67eb8e434109d3ce23abb4daf2645e998510e2bbd10e0e88
SSDEEP

49152:8jW0xxyYrp7wVhEBNO9GAeuAGW4XpY2F8cMUCFQOJK02PN8mWLawS6c:8qGISqENOzeuAGrXnF6uolGu4oc

Score

10^/10

netsupport discovery rat

Malware Config

Targets

- Target
  
  programm/soft.exe
- Size
  
  54KB
- MD5
  
  4cb25a4d34304410017210125112bc79
- SHA1
  
  021f72c016402db9fef4e1953f1b4b7251fea2fb
- SHA256
  
  3d15fff559a6279db51ae58202c03167f69797340c4e581a6b5c4898d8e2e244
- SHA512
  
  62f32e442f587950223f816fbde09d4eaaea38c5365209894a7df6e3b296153ee480289666904b0feb9996277af750b539f0b8564bbe66e7e822bddc828d6e74
- SSDEEP
  
  1536:HtvrImfzoXK6DDvvvDvpvZMt+pan/opglD2:lImfzoXK9/o6o
Score

10^/10

netsupport discovery rat
- NetSupport
  NetSupport is a remote access tool sold as a legitimate system administration software.
  rat netsupport
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

netsupportdiscoveryrat

behavioral2

netsupportdiscoveryrat