Overview

overview

10

Static

static

3

srgjsrtyjs...ty.ps1

windows7-x64

10

srgjsrtyjs...ty.ps1

windows10-1703-x64

10

srgjsrtyjs...ty.ps1

windows10-2004-x64

10

srgjsrtyjs...ty.ps1

windows11-21h2-x64

10

Resubmissions

30-07-2024 14:18

240730-rml82stbkq 10

30-07-2024 01:45

240730-b6d4sawcld 3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5b2c19c32d0a4725f4d5057bab96ebc00a60774926c04daa451f628677762603.zip

  • Size

    7.1MB

  • Sample

    240730-rml82stbkq

  • MD5

    0b46e5390b4d45f49ce6e67aaf082bdb

  • SHA1

    dd3ad5023d2a9f476f4c62d9eb449bc6a8ab133d

  • SHA256

    5b2c19c32d0a4725f4d5057bab96ebc00a60774926c04daa451f628677762603

  • SHA512

    94e38a83eeaa9091da96aae7d4b8e2b136580fa82793a5b239c9cf5cac81ee12e1475c600e4354f4b942f05bc4785997efe2d41d42be65ecda8a55f5f74afe26

  • SSDEEP

    196608:JrF+y/ANInCD7hZKrhEHxvDMLoW4kJswfgnz+UUnHdZ:Jrzk/7Grh+vDQJFfg69Z

Score
10/10
netsupportdiscoveryexecutionrat

Malware Config

Targets

    • Target

      srgjsrtyjstryjkwssdty.ps1

    • Size

      789B

    • MD5

      175251f9d896e7faf156eb7c6865ddae

    • SHA1

      0665df5296b40ed0fcddefedeb82c96dada5cdac

    • SHA256

      a288c22b7c277f9fb41a46793ab5651f93e0a99f03332ac7b0f36a169ca7d321

    • SHA512

      90fa93dfd7f8751e0164dd305b11388941b36f599cd39f19744de2069cd0ca5df1984649fdaf97cd8949bbe0eff7a692703d2fdd174202e5fb2652618b2fead6

    Score
    10/10
    netsupportdiscoveryexecutionrat

    • NetSupport

      NetSupport is a remote access tool sold as a legitimate system administration software.

      ratnetsupport

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks