netsupport | c769b6a1f249d6bd5ef5b47cc4567671d63441a6eb74bbb8e77316e8758a6167 | Triage

Sharing

General

Target

CCleaner.zip
Size

2.7MB
Sample

240813-tzkl4ayfrk
MD5

6d903847de533a2121afce5044513d3c
SHA1

377919291faaf5c70d3c6408c41ce20d11f897c6
SHA256

c769b6a1f249d6bd5ef5b47cc4567671d63441a6eb74bbb8e77316e8758a6167
SHA512

559fb66c9b394da8df69efdd0b99d297b053672d9aff9fdb938a358858c00d15ca77bf1be2d72fd34acbb386a8dc565bf4b848c0fee5b45957bd74d89097eb6e
SSDEEP

49152:a51Zl6lEDThXBJOhHvh6J6h2SFFGf0RBNTQfYc9jh23eWeB3/YSBm7WIqRRakTS+:E1PFXa/hRFY89YYc9jh23redpmQRJQxI

Score

10^/10

netsupport discovery rat

Malware Config

Targets

- Target
  
  client32.exe
- Size
  
  101KB
- MD5
  
  c4f1b50e3111d29774f7525039ff7086
- SHA1
  
  57539c95cba0986ec8df0fcdea433e7c71b724c6
- SHA256
  
  18df68d1581c11130c139fa52abb74dfd098a9af698a250645d6a4a65efcbf2d
- SHA512
  
  005db65cedaaccc85525fb3cdab090054bb0bb9cc8c37f8210ec060f490c64945a682b5dd5d00a68ac2b8c58894b6e7d938acaa1130c1cc5667e206d38b942c5
- SSDEEP
  
  768:q78j0+RH6e6XhBBxUcnRWIDDDDDDDDDDDDDDDDADDDDDDDDDDDDDDDDDDDDDDXDU:qwpHLiLniepfxP91/bQxnu
Score

10^/10

netsupport discovery rat
- NetSupport
  NetSupport is a remote access tool sold as a legitimate system administration software.
  rat netsupport
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

netsupportdiscoveryrat

behavioral2

netsupportdiscoveryrat