netsupport | 28e4442eabab185845bd627573008026c021389c0475d27b5dfcfdeada8f7454 | Triage

Submit
Reports

Overview

overview

Static

static

1

nss_lock_image.png

windows10-2004-x64

Resubmissions

06-02-2025 12:06

250206-n93yjawnbn 10

Sharing

General

Target

nss_lock_image.png
Size

406KB
Sample

250206-n93yjawnbn
MD5

c30667dc34e4c3ee3fab434a66b630b2
SHA1

16d65e159b4effa474e906dcac1996fde24dec85
SHA256

28e4442eabab185845bd627573008026c021389c0475d27b5dfcfdeada8f7454
SHA512

193ff947860ffbcac51ead891917d4c691d0cbab58ff761abbe311c461bdb6555c4e8b82c5d8984fa5cc6e31efcccf135b70567ddba2fa94cd5bb203b8efb4e0
SSDEEP

12288:YV6AyNEbj4F1jharaki3ZadUcsJZvRne4k1G4uqw:GENsSNJoUckZvkB1lw

Score

10^/10

netsupport discovery rat

Static task

static1

Behavioral task

behavioral1

Sample

nss_lock_image.png

Resource

win10v2004-20241007-en

netsupport discovery rat

windows10-2004-x64

20 signatures

150 seconds

Malware Config

Targets

- Target
  
  nss_lock_image.png
- Size
  
  406KB
- MD5
  
  c30667dc34e4c3ee3fab434a66b630b2
- SHA1
  
  16d65e159b4effa474e906dcac1996fde24dec85
- SHA256
  
  28e4442eabab185845bd627573008026c021389c0475d27b5dfcfdeada8f7454
- SHA512
  
  193ff947860ffbcac51ead891917d4c691d0cbab58ff761abbe311c461bdb6555c4e8b82c5d8984fa5cc6e31efcccf135b70567ddba2fa94cd5bb203b8efb4e0
- SSDEEP
  
  12288:YV6AyNEbj4F1jharaki3ZadUcsJZvRne4k1G4uqw:GENsSNJoUckZvkB1lw
Score

10^/10

netsupport discovery rat
- NetSupport
  NetSupport is a remote access tool sold as a legitimate system administration software.
  rat netsupport
- Netsupport family
  netsupport
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

netsupportdiscoveryrat

© 2018-2025

Terms | Privacy