netsupport | 5a4ea0a10eb47d46ea161a56556a3bf84e2e666aa0ee2cafb687c9c2bc93de83 | Triage

Sharing

General

Target

Folder.zip
Size

2.1MB
Sample

240823-cvgafazhpa
MD5

6e030d6e3e6b161dc99acf87adae8b68
SHA1

acedf0a2bfc711fbc5952b34c5ba9cc3dbe4f9c8
SHA256

5a4ea0a10eb47d46ea161a56556a3bf84e2e666aa0ee2cafb687c9c2bc93de83
SHA512

88ac5c5f45606cbf3834ee64ae92ee1641ebb422d0b676c76da297175e8e0c19fd3297d95907086549b22050e5821f4e5108d5949ce48527f7bf7851d501b5aa
SSDEEP

49152:0qjW0xx/Yrp7yVhEBNO9GAeuAGW4XpY2F8cMUCFQOJK02u38mWLawS6d:NqGlSIENOzeuAGrXnF6uolfM4od

Score

10^/10

netsupport discovery rat

Malware Config

Targets

- Target
  
  Folder/folder.exe
- Size
  
  54KB
- MD5
  
  3fa2ed39ebddec57c1094c394cdac8b7
- SHA1
  
  481a1e85ecbc1a671dbd0dae78e2f124d8471a83
- SHA256
  
  e203906912348bf42942d73d692c3a1c7ae837086b4b2bdc518c1298ba840b05
- SHA512
  
  443a3f0210fd92522eeaf8e4ed5f5144620d91864cd73c4edc5077db3f3a371ecc1020fc34194da864e228af8d362633b786e0d4ef4b87306f3225c462c83b7c
- SSDEEP
  
  1536:HtvrImfzoXK6DDvvvDvpvZMt+pan/opgL52:lImfzoXK9/o6M
Score

10^/10

netsupport discovery rat
- NetSupport
  NetSupport is a remote access tool sold as a legitimate system administration software.
  rat netsupport
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

netsupportdiscoveryrat

behavioral2

netsupportdiscoveryrat