Overview

overview

10

Static

static

1

5afc9b30c5...7c.exe

windows7-x64

10

5afc9b30c5...7c.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5afc9b30c522545344b315c66f210f789bd0b54ad01617a6291feef466e89a7c.exe

  • Size

    6.9MB

  • Sample

    250322-db2ygazpz6

  • MD5

    07a87aa24009a2a678e6b17360637996

  • SHA1

    d0649a12eb108c99e45a3423dd10bf91c7b01215

  • SHA256

    5afc9b30c522545344b315c66f210f789bd0b54ad01617a6291feef466e89a7c

  • SHA512

    2f94d1e74e2507633e8d66e1c542c49c1037dc437b3205cdd1931887691d4e7eb02071b9faa00dc59be281ae3f1433199cbe79dde732fc1e3459a440ae22b6cd

  • SSDEEP

    98304:IKnLMbqxElIEDE+rOlMgdhC4NExt7ov8bt4HS6WrcK2+:IRbqSl9w+KlMqc4LUQS66c

Score
10/10
netsupportdiscoverypersistencerat

Malware Config

Targets

    • Target

      5afc9b30c522545344b315c66f210f789bd0b54ad01617a6291feef466e89a7c.exe

    • Size

      6.9MB

    • MD5

      07a87aa24009a2a678e6b17360637996

    • SHA1

      d0649a12eb108c99e45a3423dd10bf91c7b01215

    • SHA256

      5afc9b30c522545344b315c66f210f789bd0b54ad01617a6291feef466e89a7c

    • SHA512

      2f94d1e74e2507633e8d66e1c542c49c1037dc437b3205cdd1931887691d4e7eb02071b9faa00dc59be281ae3f1433199cbe79dde732fc1e3459a440ae22b6cd

    • SSDEEP

      98304:IKnLMbqxElIEDE+rOlMgdhC4NExt7ov8bt4HS6WrcK2+:IRbqSl9w+KlMqc4LUQS66c

    Score
    10/10
    netsupportdiscoverypersistencerat

    • NetSupport

      NetSupport is a remote access tool sold as a legitimate system administration software.

      ratnetsupport

    • Netsupport family

      netsupport

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks