netsupport | d1c81a73b375a54fa4441bea0d248071c4b838ae62f550dd325f67b4f471bc0c | Triage

Sharing

General

Target

soft.zip
Size

2.1MB
Sample

240726-cwyaca1anm
MD5

4ed4a861097bf7890dc3844df61aa592
SHA1

013db5aa2b06a7d7cef81c2d33f6d7e5a1772727
SHA256

d1c81a73b375a54fa4441bea0d248071c4b838ae62f550dd325f67b4f471bc0c
SHA512

6f4a55a98a488946a76f69a67a6a4af09b69379fbe43104931861b0bd66db1a5066d52fd41743ceaeddb0a40855079c8762cb62412b44ce70170bb6a909bf223
SSDEEP

49152:0jW0xxBYrp7EVhEBNO9GAeuAGW4XpY2F8cMUCFQOJK02YE8mWLawS6t:0qGzSuENOzeuAGrXnF6uolFL4ot

Score

10^/10

netsupport discovery rat

Malware Config

Targets

- Target
  
  soft/soft.exe
- Size
  
  54KB
- MD5
  
  443d48f993d073c0f7027ce386ddb862
- SHA1
  
  7c947415d46f55291267c3e1fa47a797a3503aa6
- SHA256
  
  b2ada18bbaf798c8a641df5b0ff1b48006f6029ccb9c5a529d91673367de3e35
- SHA512
  
  8abf630ddecf9ebab1196bbc9c87f1004c5d58ef576b5f1d08b6316f06ba55d78edffdec6d6676ddd1ba27ff1e7fa8a6ac2c1fb659e0dd0b2c4989a59c711e05
- SSDEEP
  
  1536:HtvrImfzoXK6DDvvvDvpvZMt+pan/opgca2:lImfzoXK9/o6w
Score

10^/10

netsupport discovery rat
- NetSupport
  NetSupport is a remote access tool sold as a legitimate system administration software.
  rat netsupport
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

netsupportdiscoveryrat

behavioral2

netsupportdiscoveryrat

behavioral3

netsupportdiscoveryrat