netsupport | e445c8b17ef3a76f8aa512d21008805b7d1b9ae57631a789ef68830ec301f54a | Triage

Submit
Reports

Overview

overview

Static

static

3

client32.exe

windows10-2004-x64

Sharing

General

Target

analytics.zip
Size

4.3MB
Sample

250401-nyrfcsx1ht
MD5

becaaa7eda0871399ae47302bd93361d
SHA1

628879e04b924039b29c94ea47c5c64fc9314d92
SHA256

e445c8b17ef3a76f8aa512d21008805b7d1b9ae57631a789ef68830ec301f54a
SHA512

e3c897b42627326c3d7f9fdca029d0ed114df214bcb3eb9f7a442738f83bced2354b74893abf440fccb1f4ea03a536529014551fe381d69b226ef84d20930cb8
SSDEEP

98304:oUq3yNaVBf2UFphec4Qk+oocetfU1KxLLiuTqXa3aYsT:ovyN+Bvjec4t+J/tfYKxPhTzqYsT

Score

10^/10

netsupport discovery rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

client32.exe

Resource

win10v2004-20250314-en

netsupport discovery rat

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  client32.exe
- Size
  
  117KB
- MD5
  
  1c19c2e97c5e6b30de69ee684e6e5589
- SHA1
  
  5734ef7f9e4dba0639c98881e00f03eea35a62ee
- SHA256
  
  312a0e4db34a40cb95ba1fac8bf87deb45d0c5f048d38ac65eb060273b07df67
- SHA512
  
  ab7240b81be04f1bced47701a5791bbeedcba6037ee936327478c304aa1ce5ae75856ca7f568f909f847e27db2a6b9c08db7cc1057a18fab14a39a5854f15cba
- SSDEEP
  
  768:mfVZl6FhWr80/Lqar2pe/KLKFKcMkuNr2pe/PNKFKcMkM:m70hGTqaee/CIr4ee/VIrI
Score

10^/10

netsupport discovery rat
- NetSupport
  NetSupport is a remote access tool sold as a legitimate system administration software.
  rat netsupport
- Netsupport family
  netsupport
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

netsupportdiscoveryrat

© 2018-2025

Terms | Privacy