netsupport | b4fc1f1ec4841c672740024138b18332033eec5a8378ee9f6496211a05497bd2 | Triage

Submit
Reports

Overview

overview

Static

static

3

dropper (i...d).zip

windows10-2004-x64

Sharing

General

Target

dropper (infected).zip
Size

2.4MB
Sample

241113-zstjbaslgk
MD5

b8d0924ea981b99d8e856b1f013cfeda
SHA1

e57a6dd63d3186ad6e61bba5e782cce0be589183
SHA256

b4fc1f1ec4841c672740024138b18332033eec5a8378ee9f6496211a05497bd2
SHA512

5216523da5ff0a543a79bdb60bf76ccc287b1f49caf9c7f8748f7b98edfcf72fdd7ccae0edee578fb307cd3e0679eeae2bf86826e47c96d1d580ab7c13741674
SSDEEP

49152:CoEdoCPK4sUz4OOAZJF8m9aMpw6T+rCG0swc/KE1K8mSNNO1pTz3dQXXM:sRmUz35b8EbwY+r9x6ANNOf3+nM

Score

10^/10

netsupport discovery rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

dropper (infected).zip

Resource

win10v2004-20241007-en

netsupport discovery rat

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  dropper (infected).zip
- Size
  
  2.4MB
- MD5
  
  b8d0924ea981b99d8e856b1f013cfeda
- SHA1
  
  e57a6dd63d3186ad6e61bba5e782cce0be589183
- SHA256
  
  b4fc1f1ec4841c672740024138b18332033eec5a8378ee9f6496211a05497bd2
- SHA512
  
  5216523da5ff0a543a79bdb60bf76ccc287b1f49caf9c7f8748f7b98edfcf72fdd7ccae0edee578fb307cd3e0679eeae2bf86826e47c96d1d580ab7c13741674
- SSDEEP
  
  49152:CoEdoCPK4sUz4OOAZJF8m9aMpw6T+rCG0swc/KE1K8mSNNO1pTz3dQXXM:sRmUz35b8EbwY+r9x6ANNOf3+nM
Score

10^/10

netsupport discovery rat
- NetSupport
  NetSupport is a remote access tool sold as a legitimate system administration software.
  rat netsupport
- Netsupport family
  netsupport
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

netsupportdiscoveryrat

© 2018-2024

Terms | Privacy