netsupport | bd20a932885760cd6cc9ba78ee3b6d6124875a34a907d0b38d27c056f6fec5e3 | Triage

Sharing

General

Target

7-zip.zip
Size

2.1MB
Sample

240805-w487csvaln
MD5

c6dd9412bd759a5eedf5387ea2e9867b
SHA1

27f9a4019ae1c3c5de6912d28d47bd759144820c
SHA256

bd20a932885760cd6cc9ba78ee3b6d6124875a34a907d0b38d27c056f6fec5e3
SHA512

f150ace81fa4301ccf94218f8237c79338d1aad5e46865717fa34388b56c7369e18c04c5cb29bf8c0d51ef04df5eaa4ab363a7e93006e6fa92815ef864daedd3
SSDEEP

49152:NjW0xxVYrp7AVhEBNO9GAeuAGW4XpY2F8cMUCFQOJK02WH8mWLawS61:NqG7SaENOzeuAGrXnF6uolNc4o1

Score

10^/10

netsupport discovery rat

Malware Config

Targets

- Target
  
  7-zip/7-zip.exe
- Size
  
  54KB
- MD5
  
  9075943d5497843a6baceeb884738a4a
- SHA1
  
  e4b07fceb138c0453fa85b8d906381356b52694d
- SHA256
  
  a4764f2b9bb8923a65752b08d0e4473c4f7b070b4b448750d6292816170bd301
- SHA512
  
  4777d1c27a78ceac2a81822bf9429538827e3389ed491d740096091cd4911471fabfee8ce0b1ded83868d8c1e399ec27142b8356a687b93134532b044dea27ce
- SSDEEP
  
  1536:HtvrImfzoXK6DDvvvDvpvZMt+pan/opgSA2:lImfzoXK9/o6Q
Score

10^/10

netsupport discovery rat
- NetSupport
  NetSupport is a remote access tool sold as a legitimate system administration software.
  rat netsupport
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

netsupportdiscoveryrat

behavioral2

netsupportdiscoveryrat