Overview

overview

10

Static

static

1

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    672.0MB

  • Sample

    241104-m3snjsykat

  • MD5

    2317a9b2d6251c4584c704a45cd28a7d

  • SHA1

    bcba0deb1f26eaa23d25851958bded4b7b820803

  • SHA256

    0de9d11dc03f8927cabdf869b2bc48ea3536ec8c4f0f3b6eb87c86b976267965

  • SHA512

    da934440092785452715f78e0aaf66ab88ab08dc401ee634e08dc1bd8a03e87a6773d46ef623944e0a700a949c375513d0a5b65ceaba66ea5f1c8c83806c2696

  • SSDEEP

    12582912:X98vMvMvMvMvMvMvMvMvaVSsDLAVSsDLAVSsDLAVSsDLAVSsDLAVSsDLavMvMvMX:toYYYYYYYYa8sD88sD88sD88sD88sD8T

Score
10/10
netsupportdiscoveryrat

Malware Config

Targets

    • Target

      file.exe

    • Size

      672.0MB

    • MD5

      2317a9b2d6251c4584c704a45cd28a7d

    • SHA1

      bcba0deb1f26eaa23d25851958bded4b7b820803

    • SHA256

      0de9d11dc03f8927cabdf869b2bc48ea3536ec8c4f0f3b6eb87c86b976267965

    • SHA512

      da934440092785452715f78e0aaf66ab88ab08dc401ee634e08dc1bd8a03e87a6773d46ef623944e0a700a949c375513d0a5b65ceaba66ea5f1c8c83806c2696

    • SSDEEP

      12582912:X98vMvMvMvMvMvMvMvMvaVSsDLAVSsDLAVSsDLAVSsDLAVSsDLAVSsDLavMvMvMX:toYYYYYYYYa8sD88sD88sD88sD88sD8T

    Score
    10/10
    netsupportdiscoveryrat

    • NetSupport

      NetSupport is a remote access tool sold as a legitimate system administration software.

      ratnetsupport

    • Netsupport family

      netsupport

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks