netsupport | 05e971644f982bad382bab47fb7831417bf1e526661a9128e1793b396d18db7b | Triage

Submit
Reports

Overview

overview

Static

static

3

getuname.zip

windows10-2004-x64

Sharing

General

Target

getuname.zip
Size

3.1MB
Sample

250326-q2m88axq15
MD5

16b13445843c75d166f34120691de87c
SHA1

060926e71b593d955e796e5b61396bc260318371
SHA256

05e971644f982bad382bab47fb7831417bf1e526661a9128e1793b396d18db7b
SHA512

72d0222fdc3193e2a1d6d50fbc04466fd1c0fb9dc2112d6ade05389b8d258dce551339a93a71188149d431b73526c2cae1be16b269c1dffc9f51b428f239ec3b
SSDEEP

98304:7NaVx9kGrbRboocCY4aJPpc3AM/85dqNkqVF:7N+oGJbJa43AMcnqj

Score

10^/10

netsupport discovery rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

getuname.zip

Resource

win10v2004-20250313-en

netsupport discovery rat

windows10-2004-x64

11 signatures

300 seconds

Malware Config

Targets

- Target
  
  getuname.zip
- Size
  
  3.1MB
- MD5
  
  16b13445843c75d166f34120691de87c
- SHA1
  
  060926e71b593d955e796e5b61396bc260318371
- SHA256
  
  05e971644f982bad382bab47fb7831417bf1e526661a9128e1793b396d18db7b
- SHA512
  
  72d0222fdc3193e2a1d6d50fbc04466fd1c0fb9dc2112d6ade05389b8d258dce551339a93a71188149d431b73526c2cae1be16b269c1dffc9f51b428f239ec3b
- SSDEEP
  
  98304:7NaVx9kGrbRboocCY4aJPpc3AM/85dqNkqVF:7N+oGJbJa43AMcnqj
Score

10^/10

netsupport discovery rat
- NetSupport
  NetSupport is a remote access tool sold as a legitimate system administration software.
  rat netsupport
- Netsupport family
  netsupport
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

netsupportdiscoveryrat

© 2018-2025

Terms | Privacy