Overview

overview

10

Static

static

3

programm/A...re.dll

windows7-x64

3

programm/A...re.dll

windows10-2004-x64

3

programm/HTCTL32.dll

windows7-x64

3

programm/HTCTL32.dll

windows10-2004-x64

3

programm/PCICHEK.dll

windows7-x64

3

programm/PCICHEK.dll

windows10-2004-x64

3

programm/PCICL32.dll

windows7-x64

3

programm/PCICL32.dll

windows10-2004-x64

3

programm/TCCTL32.dll

windows7-x64

3

programm/TCCTL32.dll

windows10-2004-x64

3

programm/msvcr100.dll

windows7-x64

3

programm/msvcr100.dll

windows10-2004-x64

3

programm/pcicapi.dll

windows7-x64

3

programm/pcicapi.dll

windows10-2004-x64

3

programm/r...ub.exe

windows7-x64

3

programm/r...ub.exe

windows10-2004-x64

3

programm/soft.exe

windows7-x64

10

programm/soft.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1f070563944bd7a8a6182a78aab0b230881ac3d46e45d44eed2e06c16aa22e6c.zip

  • Size

    2.1MB

  • Sample

    240730-sglwrszerg

  • MD5

    f9f00d953e05f1d3bfcd7ba7aa4c3bac

  • SHA1

    cdea42fa34df93711b9a8aa6ce0ff1cbaca5ed4b

  • SHA256

    1f070563944bd7a8a6182a78aab0b230881ac3d46e45d44eed2e06c16aa22e6c

  • SHA512

    06fc6f23f3d1b51f178732fa007d18e91baca89460deca60a5be8f5e56942bab5e5b40efed55025d67eb8e434109d3ce23abb4daf2645e998510e2bbd10e0e88

  • SSDEEP

    49152:8jW0xxyYrp7wVhEBNO9GAeuAGW4XpY2F8cMUCFQOJK02PN8mWLawS6c:8qGISqENOzeuAGrXnF6uolGu4oc

Score
10/10
netsupportdiscoveryrat

Malware Config

Targets

    • Target

      programm/AudioCapture.dll

    • Size

      91KB

    • MD5

      4182f37b9ba1fa315268c669b5335dde

    • SHA1

      2c13da0c10638a5200fed99dcdcf0dc77a599073

    • SHA256

      a74612ae5234d1a8f1263545400668097f9eb6a01dfb8037bc61ca9cae82c5b8

    • SHA512

      4f22ad5679a844f6ed248bf2594af94cf2ed1e5c6c5441f0fb4de766648c17d1641a6ce7c816751f0520a3ae336479c15f3f8b6ebe64a76c38bc28a02ff0f5dc

    • SSDEEP

      1536:wrOxDJs/Ksdl0R1dBmhFXxRpP9JNvbnPUGI:3yXlQmhhHp9J9bnPTI

    Score
    3/10
    discovery
    behavioral1behavioral2

    • Target

      programm/HTCTL32.DLL

    • Size

      320KB

    • MD5

      2d3b207c8a48148296156e5725426c7f

    • SHA1

      ad464eb7cf5c19c8a443ab5b590440b32dbc618f

    • SHA256

      edfe2b923bfb5d1088de1611401f5c35ece91581e71503a5631647ac51f7d796

    • SHA512

      55c791705993b83c9b26a8dbd545d7e149c42ee358ecece638128ee271e85b4fdbfd6fbae61d13533bf39ae752144e2cc2c5edcda955f18c37a785084db0860c

    • SSDEEP

      6144:2ib5YbsXPKXd6ppGpwpbGf30IVFpSzyaHx3/4aY5dUilQpAf84lH0JYBAnM1OK/Y:2ib5YbsXioEgULFpSzya9/lY5SilQCfg

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      programm/PCICHEK.DLL

    • Size

      18KB

    • MD5

      a0b9388c5f18e27266a31f8c5765b263

    • SHA1

      906f7e94f841d464d4da144f7c858fa2160e36db

    • SHA256

      313117e723dda6ea3911faacd23f4405003fb651c73de8deff10b9eb5b4a058a

    • SHA512

      6051a0b22af135b4433474dc7c6f53fb1c06844d0a30ed596a3c6c80644df511b023e140c4878867fa2578c79695fac2eb303aea87c0ecfc15a4ad264bd0b3cd

    • SSDEEP

      192:1ANeiOT8Z2b6SoVF6RRHaPrpF3o47jtd3hfwHjvud3hfwx7bjuh:1ANt+E2exrpxTSDuTuih

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      programm/PCICL32.DLL

    • Size

      3.5MB

    • MD5

      ad51946b1659ed61b76ff4e599e36683

    • SHA1

      dfe2439424886e8acf9fa3ffde6caaf7bfdd583e

    • SHA256

      07a191254362664b3993479a277199f7ea5ee723b6c25803914eedb50250acf4

    • SHA512

      6c30e7793f69508f6d9aa6edcec6930ba361628ef597e32c218e15d80586f5a86d89fcbee63a35eab7b1e0ae26277512f4c1a03df7912f9b7ff9a9a858cf3962

    • SSDEEP

      49152:xOHDe5Yr6tYA4S+DjdwfwBTNZaZQclSpmTIH:xOHDe5YrvS+tBQSEm

    Score
    3/10
    discovery
    behavioral7behavioral8

    • Target

      programm/TCCTL32.DLL

    • Size

      382KB

    • MD5

      405a7bca024d33d7d6464129c1b58451

    • SHA1

      22b64e211d96d773c510ac82e7a73f8debf4e4cd

    • SHA256

      092c3ec01883d3b4b131985b3971f7e2e523252b75f9c2470e0821505c4a3a83

    • SHA512

      3c8d4cbf377a8beb793c93b63d521ccd75167dec02da43bb91434cb6b0737ca2d61fa201f2825fd1a0ceaae768bb53d78f737e7c412aae83d3cdc748893f31e6

    • SSDEEP

      6144:/0pwbUb486Yu0LIFZf4TktH4aY384az44lstAZPVJ4hPueU12jXvbJaS0T9XjJpX:8pwbUb48Ju0LIFZf4Tk2aY3FasNAZtJp

    Score
    3/10
    discovery
    behavioral10behavioral9

    • Target

      programm/msvcr100.dll

    • Size

      755KB

    • MD5

      0e37fbfa79d349d672456923ec5fbbe3

    • SHA1

      4e880fc7625ccf8d9ca799d5b94ce2b1e7597335

    • SHA256

      8793353461826fbd48f25ea8b835be204b758ce7510db2af631b28850355bd18

    • SHA512

      2bea9bd528513a3c6a54beac25096ee200a4e6ccfc2a308ae9cfd1ad8738e2e2defd477d59db527a048e5e9a4fe1fc1d771701de14ef82b4dbcdc90df0387630

    • SSDEEP

      12288:nMmCy3nAgPAxN9ueqix/HEmxsvGrif8ZSy+rdQw2QRAtd74/vmYK6H3BVoe3z:MmCy3KxW3ixPEmxsvGrm8Z6r+JQPzV7z

    Score
    3/10
    discovery
    behavioral11behavioral12

    • Target

      programm/pcicapi.dll

    • Size

      32KB

    • MD5

      dcde2248d19c778a41aa165866dd52d0

    • SHA1

      7ec84be84fe23f0b0093b647538737e1f19ebb03

    • SHA256

      9074fd40ea6a0caa892e6361a6a4e834c2e51e6e98d1ffcda7a9a537594a6917

    • SHA512

      c5d170d420f1aeb9bcd606a282af6e8da04ae45c83d07faaacb73ff2e27f4188b09446ce508620124f6d9b447a40a23620cfb39b79f02b04bb9e513866352166

    • SSDEEP

      768:FFvNhAyi5hHA448qZkSn+EgT8To1iTYiu:FCyoHA448qSSzgI2GQ

    Score
    3/10
    discovery
    behavioral13behavioral14

    • Target

      programm/remcmdstub.exe

    • Size

      61KB

    • MD5

      35da3b727567fab0c7c8426f1261c7f5

    • SHA1

      b71557d67bcd427ef928efce7b6a6529226415e6

    • SHA256

      89027f1449be9ba1e56dd82d13a947cb3ca319adfe9782f4874fbdc26dc59d09

    • SHA512

      14edadceeceb95f5c21fd3a0a349dd2a312d1965268610d6a6067049f34e3577fc96f6ba37b1d6ab8ce21444208c462fa97fab24bbcd77059bc819e12c5efc5a

    • SSDEEP

      1536:bJfanvXuN86jJ9hUHYBlXUYwT24a+yVwQ:lanPGjJTU4IYia+yVX

    Score
    3/10
    discovery
    behavioral15behavioral16

    • Target

      programm/soft.exe

    • Size

      54KB

    • MD5

      4cb25a4d34304410017210125112bc79

    • SHA1

      021f72c016402db9fef4e1953f1b4b7251fea2fb

    • SHA256

      3d15fff559a6279db51ae58202c03167f69797340c4e581a6b5c4898d8e2e244

    • SHA512

      62f32e442f587950223f816fbde09d4eaaea38c5365209894a7df6e3b296153ee480289666904b0feb9996277af750b539f0b8564bbe66e7e822bddc828d6e74

    • SSDEEP

      1536:HtvrImfzoXK6DDvvvDvpvZMt+pan/opglD2:lImfzoXK9/o6o

    Score
    10/10
    netsupportdiscoveryrat

    • NetSupport

      NetSupport is a remote access tool sold as a legitimate system administration software.

      ratnetsupport
    behavioral17behavioral18

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.