netsupport | 3d00468448abc115a138a0d7c0e39db72bf3c46ed086926e7b9f1854835676b6 | Triage

Sharing

General

Target

7-zip.zip
Size

3.6MB
Sample

241007-wc12ns1bjl
MD5

d04eaabede0983e9ba0064665d05bd00
SHA1

6727f5ac51db9ad05dd87663df005299c95eda26
SHA256

3d00468448abc115a138a0d7c0e39db72bf3c46ed086926e7b9f1854835676b6
SHA512

dcf1d02d05a702b750d6d3e777081b8fbd0d6259a7cdff69f94569c70437174f9526a347ce02c513ddd55cd2c3b40d595bcd4126ab1c7b8f973b9e8840a27745
SSDEEP

98304:hpowx4xhXFS4fUEqG7S4ENOzeuAGrXnF6uolNc4ol:hpF4bFS6PS3NOuO8736

Score

10^/10

netsupport discovery rat

Malware Config

Targets

- Target
  
  7-zip/7-zip.exe
- Size
  
  54KB
- MD5
  
  7f06dcc4844532ba0d64812e6dca5240
- SHA1
  
  76527c1ddb0bf3e64dd1ce3ff6aa0708e09366e1
- SHA256
  
  ab91de964c96b6a6903fa52419fbb17a2c1fee6817f5704a07db4edc9855e72e
- SHA512
  
  93d1b8f22e30ed55c95493f164052bbc4db2c164dc66300fdb8d72df02bc8d1c01aef8bc5b0f2fc7fb1d3786a31229fdc22cd3f457aaec2d3f5f11760b618156
- SSDEEP
  
  1536:HtvrImfzoXK6DDvvvDvpvZMt+pan/opg6F2:lImfzoXK9/o6d
Score

10^/10

netsupport discovery rat
- NetSupport
  NetSupport is a remote access tool sold as a legitimate system administration software.
  rat netsupport
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

netsupportdiscoveryrat

behavioral2

netsupportdiscoveryrat