netsupport | d4eeca672211c641c4e2f814dabd6e17bc2cdfdf823c3f8bedc9a0080cd48d14 | Triage

Sharing

General

Target

programm.zip
Size

2.1MB
Sample

240729-28qtgavhqm
MD5

6dea0ed9ef15c8c0053f8c1a5ee473c2
SHA1

ba096bb50efd467b0be928974696530ba9f325a7
SHA256

d4eeca672211c641c4e2f814dabd6e17bc2cdfdf823c3f8bedc9a0080cd48d14
SHA512

8fdaf7df8f5ca4e2a5580e6ad366d67494eee317b632da6472eb72c83b4ff644215ec184e4a6baf88c061384072cebdb53695724c811d1abefece75874eb38c3
SSDEEP

49152:8jW0xxyYrp7wVhEBNO9GAeuAGW4XpY2F8cMUCFQOJK02PN8mWLawS6A:8qGISqENOzeuAGrXnF6uolGu4oA

Score

10^/10

netsupport discovery rat

Malware Config

Targets

- Target
  
  programm/soft.exe
- Size
  
  54KB
- MD5
  
  4cb25a4d34304410017210125112bc79
- SHA1
  
  021f72c016402db9fef4e1953f1b4b7251fea2fb
- SHA256
  
  3d15fff559a6279db51ae58202c03167f69797340c4e581a6b5c4898d8e2e244
- SHA512
  
  62f32e442f587950223f816fbde09d4eaaea38c5365209894a7df6e3b296153ee480289666904b0feb9996277af750b539f0b8564bbe66e7e822bddc828d6e74
- SSDEEP
  
  1536:HtvrImfzoXK6DDvvvDvpvZMt+pan/opglD2:lImfzoXK9/o6o
Score

10^/10

netsupport discovery rat
- NetSupport
  NetSupport is a remote access tool sold as a legitimate system administration software.
  rat netsupport
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

netsupportdiscoveryrat

behavioral2

netsupportdiscoveryrat