General

  • Target

    50c263fc02412062ca239e7419880678f797408a243d0a2140bc7bbb96a716c1.exe

  • Size

    2.2MB

  • Sample

    241101-d7b2xsweqe

  • MD5

    87514bcfa421057dc1575ec1630d78ff

  • SHA1

    012029171ff901f1cb5495059da47143d193923c

  • SHA256

    50c263fc02412062ca239e7419880678f797408a243d0a2140bc7bbb96a716c1

  • SHA512

    0d37d146960abf699a35d8c66d4af38c68af12db62d8548457dc26f6a2e30dd07c3d2599f38befee0720e649b08884daa37961b74ff4e2622840ea3d8237501b

  • SSDEEP

    49152:kDjlabwz9Tvaw2EheBgtpsDf5Log8nUQkFG4tP5Deqk+H1Zf8NNbTs:0qwFvcEhQGa178UnxBkk1ZfWC

Malware Config

Targets

    • Target

      50c263fc02412062ca239e7419880678f797408a243d0a2140bc7bbb96a716c1.exe

    • Size

      2.2MB

    • MD5

      87514bcfa421057dc1575ec1630d78ff

    • SHA1

      012029171ff901f1cb5495059da47143d193923c

    • SHA256

      50c263fc02412062ca239e7419880678f797408a243d0a2140bc7bbb96a716c1

    • SHA512

      0d37d146960abf699a35d8c66d4af38c68af12db62d8548457dc26f6a2e30dd07c3d2599f38befee0720e649b08884daa37961b74ff4e2622840ea3d8237501b

    • SSDEEP

      49152:kDjlabwz9Tvaw2EheBgtpsDf5Log8nUQkFG4tP5Deqk+H1Zf8NNbTs:0qwFvcEhQGa178UnxBkk1ZfWC

    • NetSupport

      NetSupport is a remote access tool sold as a legitimate system administration software.

    • Netsupport family

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks