General
-
Target
34f9665f6e9f5eae331a1a0fd3f9f07c4848aea1c9c3f9f57cc5a2cd44f4b0b2.exe
-
Size
12.3MB
-
Sample
250308-fza6rssly8
-
MD5
497dd79c09ba9ff77464f13f08deefdc
-
SHA1
0cb617498da151695bc98dae0c56daba1242238a
-
SHA256
34f9665f6e9f5eae331a1a0fd3f9f07c4848aea1c9c3f9f57cc5a2cd44f4b0b2
-
SHA512
d5cde52954aee49abb29bc55b2df0dc6605cd457115908d41cb0f5a4ca21edb240deeaadf2cd90a6e52f533429e1653374cc247b7b8ad87631e3443ebb0db9cb
-
SSDEEP
393216:2SLRuwq3Obs2ClJ1+TtIiF7uARuAUax6F4JH:zduwq3ObRqJ1QtIIuAkax6F4JH
Behavioral task
behavioral1
Sample
34f9665f6e9f5eae331a1a0fd3f9f07c4848aea1c9c3f9f57cc5a2cd44f4b0b2.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
34f9665f6e9f5eae331a1a0fd3f9f07c4848aea1c9c3f9f57cc5a2cd44f4b0b2.exe
Resource
win10v2004-20250217-en
Malware Config
Targets
-
-
Target
34f9665f6e9f5eae331a1a0fd3f9f07c4848aea1c9c3f9f57cc5a2cd44f4b0b2.exe
-
Size
12.3MB
-
MD5
497dd79c09ba9ff77464f13f08deefdc
-
SHA1
0cb617498da151695bc98dae0c56daba1242238a
-
SHA256
34f9665f6e9f5eae331a1a0fd3f9f07c4848aea1c9c3f9f57cc5a2cd44f4b0b2
-
SHA512
d5cde52954aee49abb29bc55b2df0dc6605cd457115908d41cb0f5a4ca21edb240deeaadf2cd90a6e52f533429e1653374cc247b7b8ad87631e3443ebb0db9cb
-
SSDEEP
393216:2SLRuwq3Obs2ClJ1+TtIiF7uARuAUax6F4JH:zduwq3ObRqJ1QtIIuAkax6F4JH
Score10/10-
NetSupport
NetSupport is a remote access tool sold as a legitimate system administration software.
-
Netsupport family
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-