netsupport | 00682f38590518386125cafff9c9b07f8d10e64ecd7db867e6c1409e4a886b96 | Triage

Sharing

General

Target

admin.zip
Size

2.1MB
Sample

240726-p9a37ayhkj
MD5

e1913521d1e1db9b5a55502eb6106443
SHA1

18b4ee5c220c64a1143c1d3927f244e0b7ebfad7
SHA256

00682f38590518386125cafff9c9b07f8d10e64ecd7db867e6c1409e4a886b96
SHA512

137a39aba5d20d007ce093c7de648b952e4dc5952775d7edd9cc1d8e6a2411a63ecef78f1f468b96520fa42d237716ace89a03e08f4cfb84c9c96f4c49c92d22
SSDEEP

24576:Nli6BRnmSnSpUDCNIsyYPPluW/2/BqIQZfW4OCayzzB6q8G9Y3MQQXSK87X6w08z:/z3SpHNIsvPIW/2gIKfqifFa8Z8dRM6r

Score

10^/10

netsupport discovery rat

Malware Config

Targets

- Target
  
  file.exe
- Size
  
  54KB
- MD5
  
  443d48f993d073c0f7027ce386ddb862
- SHA1
  
  7c947415d46f55291267c3e1fa47a797a3503aa6
- SHA256
  
  b2ada18bbaf798c8a641df5b0ff1b48006f6029ccb9c5a529d91673367de3e35
- SHA512
  
  8abf630ddecf9ebab1196bbc9c87f1004c5d58ef576b5f1d08b6316f06ba55d78edffdec6d6676ddd1ba27ff1e7fa8a6ac2c1fb659e0dd0b2c4989a59c711e05
- SSDEEP
  
  1536:HtvrImfzoXK6DDvvvDvpvZMt+pan/opgca2:lImfzoXK9/o6w
Score

10^/10

netsupport discovery rat
- NetSupport
  NetSupport is a remote access tool sold as a legitimate system administration software.
  rat netsupport
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

netsupportdiscoveryrat

behavioral2

netsupportdiscoveryrat

behavioral3

netsupportdiscoveryrat