General
-
Target
8c212afb791c86eb2f4b90cd486ce5654c15c4b33b3ad59dac98196c7e452867.exe
-
Size
9.0MB
-
Sample
241222-sywsasslcs
-
MD5
0fb931e52d007389417c451fc26f4115
-
SHA1
05926430738eac103b1bc0170ad636aca18241c1
-
SHA256
8c212afb791c86eb2f4b90cd486ce5654c15c4b33b3ad59dac98196c7e452867
-
SHA512
152296c83aa0923dd8ada3a531730fb88fc55360b76c81e558bddc7eab48b5a97ab4a23fe073718acaca83301c30cf046bf4d52c3abe7d89c1b1b0ef8466f4b4
-
SSDEEP
196608:r7L9VGYA1HeT39IigwTauDXURuA7SEXqj4r+jIR:fJo1+TtIiF2uARuA28qj4r62
Behavioral task
behavioral1
Sample
8c212afb791c86eb2f4b90cd486ce5654c15c4b33b3ad59dac98196c7e452867.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
8c212afb791c86eb2f4b90cd486ce5654c15c4b33b3ad59dac98196c7e452867.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
8c212afb791c86eb2f4b90cd486ce5654c15c4b33b3ad59dac98196c7e452867.exe
-
Size
9.0MB
-
MD5
0fb931e52d007389417c451fc26f4115
-
SHA1
05926430738eac103b1bc0170ad636aca18241c1
-
SHA256
8c212afb791c86eb2f4b90cd486ce5654c15c4b33b3ad59dac98196c7e452867
-
SHA512
152296c83aa0923dd8ada3a531730fb88fc55360b76c81e558bddc7eab48b5a97ab4a23fe073718acaca83301c30cf046bf4d52c3abe7d89c1b1b0ef8466f4b4
-
SSDEEP
196608:r7L9VGYA1HeT39IigwTauDXURuA7SEXqj4r+jIR:fJo1+TtIiF2uARuA28qj4r62
Score10/10-
NetSupport
NetSupport is a remote access tool sold as a legitimate system administration software.
-
Netsupport family
-
Command and Scripting Interpreter: PowerShell
Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-