Overview

overview

10

Static

static

1

URLScan

urlscan

http://www.youtube.c...

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    http://www.youtube.com/watch?v=Qabajxy0OKY

  • Sample

    241022-2aqqtazarl

Score
10/10
netsupportdiscoveryexecutionpersistencerat

Malware Config

Targets

    • Target

      http://www.youtube.com/watch?v=Qabajxy0OKY

    Score
    10/10
    netsupportdiscoveryexecutionpersistencerat

    • NetSupport

      NetSupport is a remote access tool sold as a legitimate system administration software.

      ratnetsupport

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Powershell Invoke Web Request.

      execution

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks