netsupport

Sharing

Copy URL

Twitter E-mail

General

Target

Wia64.zip
Size

3.6MB
Sample

250407-w3ew5azqs6
MD5

108b891e5a2447554f4347adada2fb79
SHA1

735e6c7206d7e5b74b28fa759d09ce83ccd4d969
SHA256

d97a186d7a7d86fd4266226ce416dd67d6dc618662fc300715156d88c8c6c1ea
SHA512

a01e30a49c3a0fc69b3d08a0c5baecdcc4e3a8b85aba6fc142f2f6c24b8eed0aab4bbddf913c84d130aca090d6a7aae571550b657294f9058fc24f8272dff0f1
SSDEEP

98304:TNaVhphec4QkOoocOtfU1KxLLSuCH9bLTWUq3q+yFYsl:TN+hjec4tOJPtfYKxPYjWvdW

Score

10^/10

Malware Config

Targets

- Target
  
  AudioCapture.dll
- Size
  
  76KB
- MD5
  
  2a82792f7b45d537edfe58eb758c1197
- SHA1
  
  a039182d4d1ef29c6d8c238f20f7b8218c28f90c
- SHA256
  
  05aa13a6c1d18f691e552f04a996960917202a322d0dacfd330e553ad56978ed
- SHA512
  
  c6c6799b386e0d6489d9346f1d403b03b9425572e7418a93a72c413a4b9413945aaf4ea97a7d7b65772e5e3f00cff65f180f6fef51a26d4fdc2ff063816b5386
- SSDEEP
  
  1536:96Y+zbZm8/v/k957pyPkLDfORFMTlrSWqNj5CdnTrioQ+ywlj5CdnTXZQ+8iA:96Y+HQ8/3k9RppYFclrLqNj5CdnTrIwp
Score

3^/10

discovery
behavioral1
- Target
  
  HTCTL32.DLL
- Size
  
  306KB
- MD5
  
  3eed18b47412d3f91a394ae880b56ed2
- SHA1
  
  1b521a3ed4a577a33cce78eee627ae02445694ab
- SHA256
  
  13a17f2ad9288aac8941d895251604beb9524fa3c65c781197841ee15480a13f
- SHA512
  
  835f35af4fd241caa8b6a639626b8762db8525ccceb43afe8fffc24dffad76ca10852a5a8e9fc114bfbf7d1dc1950130a67037fc09b63a74374517a1f5448990
- SSDEEP
  
  6144:Jd0nVF1ZtRq6itu9i3uxUnNPhMKj8TwFIKhJ08fvF0dGhZUbol:JYZrokUnNPhMY8TwFIcJB0i
Score

3^/10

discovery
behavioral2
- Target
  
  KBDTAM99.DLL
- Size
  
  7KB
- MD5
  
  ccc736781cf4a49f42cd07c703b3a18b
- SHA1
  
  6ad817d7e8b7e9dc978763305a4cd4f1ab9abb66
- SHA256
  
  000c4b5b50966634df58078511794f83690d693fccf2aca5c970c20981b29556
- SHA512
  
  39245c4ba554a5a178310af2b8578401360bf60efda427332249eca02d6d65e4b419270ba648e4ad36aacca810133f8e4404372dee98a3648c1e4a9b85dedccb
- SSDEEP
  
  96:Ze+NFyw5fGU1irzSJ39uEMpi4nKW8cWwBvv:ZrNgUiyJ393W8cWq
Score

1^/10
behavioral3
- Target
  
  PCICHEK.DLL
- Size
  
  27KB
- MD5
  
  e311935a26ee920d5b7176cfa469253c
- SHA1
  
  eda6c815a02c4c91c9aacd819dc06e32ececf8f0
- SHA256
  
  0038ab626624fa2df9f65dd5e310b1206a9cd4d8ab7e65fb091cc25f13ebd34e
- SHA512
  
  48164e8841cfc91f4cbf4d3291d4f359518d081d9079a7995378f970e4085b534f4bafc15b83f4824cc79b5a1e54457b879963589b1acbcfe727a03eb3dffd1c
- SSDEEP
  
  768:X52mBHj1XCdnJ8EriRGp9E+l/kaTj1XCdnJ8EZp9E+8iROA:JPBHj5CdnTrioQ+l/kaTj5CdnTZQ+8iX
Score

3^/10

discovery
behavioral4
- Target
  
  PCICL32.DLL
- Size
  
  3.3MB
- MD5
  
  1274cca13cc5e37ca94d35e5b0673e89
- SHA1
  
  a8754c94f88273c304bc45a5afd61a383bb52117
- SHA256
  
  cd5510c8bc7ea60be77ad4aab502ee02d871bf4e917aeeb6921c20eebd9693dd
- SHA512
  
  52eafa31ee942dc92d0b8f52c12206f6abc1d5fae799b37b371e97c38ce66bd0693263de86b4880748ba1405054701288caf2cd00cd327edc164e1390cf9191c
- SSDEEP
  
  49152:MTKIG4K8I37tlHf2ikvy7V/lE8gHT4RaCg6cOWSbWc/id:MTKIG4D+tlHfnR/lE8tHgkWSP/i
Score

3^/10

discovery
behavioral5
- Target
  
  TsUsbRedirectionGroupPolicyExtension.dll
- Size
  
  13KB
- MD5
  
  d89cda3ff8427da82de6cce39008c5bc
- SHA1
  
  33889517517b8953707796d12d6907b039c715d1
- SHA256
  
  f44cc1e23d0d192dcfd84069b27704cd0b2a8e7720eee43656f57cb474433762
- SHA512
  
  4a73be7228960719236f39abc6dba7741498d3a3539f7bcc31b6d28a2574e41e4f85e6c2e0fbcffe9ba3b6a646fa3fa078adc0a53c46a4676b871fb92e11fe4f
- SSDEEP
  
  192:wWMcTgQEri3hPkpzRK7KVM6cqm+saSLysnlsam4oIWa+W8:wWpTgTu3ypzRo61mVag9Jm4oIWa+W
Score

6^/10

persistence
- Adds Run key to start application
  persistence
behavioral6
- Target
  
  WiaExtensionHost64.dll
- Size
  
  11KB
- MD5
  
  5d084613c0e5c8c3022d9e0f316b0e23
- SHA1
  
  784dd38d9e553eb4b8955320fb596ae4e6854f23
- SHA256
  
  07bc4dc48d5d9bcc2ce52ca8a0f925ca021092dc34cb811e183cbc0d32e576ba
- SHA512
  
  263d3de392b5a4e40e9fbd791062b2731f27410e977dbdacb61810d1a1c2cf24658d8abf5d09a99a18ff7a87c122d9b6744d40723c1637621c5feb327fad752a
- SSDEEP
  
  192:A21YiMppUPSz/pO6IsVTHzdZpCIdglelWWaCtW:AviMppB/w6NTTbXlWWaCtW
Score

1^/10
behavioral7
- Target
  
  client32.exe
- Size
  
  117KB
- MD5
  
  1c19c2e97c5e6b30de69ee684e6e5589
- SHA1
  
  5734ef7f9e4dba0639c98881e00f03eea35a62ee
- SHA256
  
  312a0e4db34a40cb95ba1fac8bf87deb45d0c5f048d38ac65eb060273b07df67
- SHA512
  
  ab7240b81be04f1bced47701a5791bbeedcba6037ee936327478c304aa1ce5ae75856ca7f568f909f847e27db2a6b9c08db7cc1057a18fab14a39a5854f15cba
- SSDEEP
  
  768:mfVZl6FhWr80/Lqar2pe/KLKFKcMkuNr2pe/PNKFKcMkM:m70hGTqaee/CIr4ee/VIrI
Score

10^/10

netsupport discovery rat
- NetSupport
  NetSupport is a remote access tool sold as a legitimate system administration software.
  rat netsupport
- Netsupport family
  netsupport
behavioral8
- Target
  
  comcat.dll
- Size
  
  10KB
- MD5
  
  835ff05a3f5e16e0fe41e515ea398bd4
- SHA1
  
  e025cb17bbb01a1b5715ebbc745272a8611dae6c
- SHA256
  
  8dcfb1e6aa965df4bd4c0551d03bdfd6472c80219ada4671910958688fbb4ab6
- SHA512
  
  e6a7002316b05759c433b3e0516843a14199ee4b23315d799b533a52f9932f4715fc8aa5fae96892901ac67f0dae6d239eb37fc722558cb7c9dd906564719cd1
- SSDEEP
  
  96:j6cuh8B0DNcU2QD6SNkdSWn+smK/4W70ADlqNXEWPT0lF+WwUL:jLuTkDSNkQ+h4WoADlBW7a+W
Score

1^/10
behavioral9
- Target
  
  getuname.dll
- Size
  
  11KB
- MD5
  
  91c68038bfc064ea8fb6d432acd38ee0
- SHA1
  
  4df7e33b6e325f31231eaaab366e2e710955babb
- SHA256
  
  68de057c4175d4c94afa2acb2abc1a9ccac04a3ceb8e84c33f7f414bb8b0eeb6
- SHA512
  
  002aef67593058c88b980a4107f1ca4ddfec5268456f76d1d358179e00ea2a0cd64c93fb31a7e78055885cfd508c90a7b19c6c6fa7a5a3c3ffa305677a0955d2
- SSDEEP
  
  192:f3emo46V4w9263FeVpszrEc3YDtmWIdW:Vocw99e8YRmWIdW
Score

1^/10
behavioral10
- Target
  
  ifsutilx.dll
- Size
  
  16KB
- MD5
  
  27a7213091cda31e84967bead4d29bd1
- SHA1
  
  e705e0fd25167c8cdaf984f067e3bdf4be8558d3
- SHA256
  
  42214053995b6188b2e20935ca8c92af77639f0d5541a132920a5cba2cfcbde6
- SHA512
  
  a16ee540cad2661f3d31071aed3b2f30ea5c0f068f51a350ef693fb83df30ce97ea4701714091ed0ef4a0806d908d93691beb0d8060b5ec73f62422477c8f3ce
- SSDEEP
  
  192:peIxDV4pntj/Hi3SbYMS9HERLChPjuARtNlvJy7VfYN7EcX2D1WsZW:peIxp4pntja35JExChjhtWYNZ2xWsZW
Score

1^/10
behavioral11
- Target
  
  libEGL.dll
- Size
  
  493KB
- MD5
  
  4291d4ba9edbcf567fb9f2397c168431
- SHA1
  
  9903889a223dd4083ad011060d3b9fcefa34953f
- SHA256
  
  fd626c18e2c6ae437d288dfb5a9f4039bd5a3a68d01183a18cc25fb37ca48cd7
- SHA512
  
  fab2151159973e6ce6ef8759548a44be8d09ca7577c451391c26d7d384f2efebfc0554b14e9fafa53428adf8f61deb27b32d001a58b2d94b1e1af20023caf26d
- SSDEEP
  
  12288:i4ufaxKM0UUQLjS2K0oa2fVE1M8mCL55ZHb3:/xKM0UUPooFa5ZHT
Score

1^/10
behavioral12
- Target
  
  libssp-0.dll
- Size
  
  15KB
- MD5
  
  d37b46aaa0276d199d13ddbc06b53fb6
- SHA1
  
  5b37e302e826488bca5f29a1fe6c9d3e3037979e
- SHA256
  
  e1b206a63410bdb6d91a7a61941e7329b3309d93d43b4a1d35df890713c0a1f1
- SHA512
  
  819a5cd39f61f2de2203029fc2788612a2355b85c7f9f499a9e72cb4ef5c182610d72e8a0a592eac9e006853e5fd993ea471d5d1f2be5af9ea5367e3e2d8f7b0
- SSDEEP
  
  192:sYRdUKvxkxqf6JAHTRhrrgDdVnwqKfIPf+91wjQtOqH7UaG8xBtq:lRdfEOpzRhr0frckf+PhtOqbBxBtq
Score

1^/10
behavioral13
- Target
  
  libwinpthread-1.dll
- Size
  
  54KB
- MD5
  
  ec5d913ae28217edee26445e1c151aa5
- SHA1
  
  db042629b0d6dfe7281fcd773c51e7e9d2304a60
- SHA256
  
  1328d7628ec5aeeb2ed7489cc1a3b11a242018d30e073e530356f0c1756505ca
- SHA512
  
  7b9b234da3061431488e3ac24c5e2a9842e00c8c57fc19ff34a32c32cac32707a7c40f4ad2b1b835b23e43a2c74ccd78b127af737126f33ca3d961d3e31d121c
- SSDEEP
  
  768:JH2fEUrzSpNTGxJRo4ajA1/0BiqMw+iescZ7SzORRRMwRHrzPm3YTL3dU:QfFrixgaU1Zp7xvHzPm3YPdU
Score

1^/10
behavioral14
- Target
  
  mprext.dll
- Size
  
  13KB
- MD5
  
  0eabd6ab464758f058fc039a47f61750
- SHA1
  
  51bc562a59e565e3f39a54e4c788896b8803354b
- SHA256
  
  f96e8d99b736e4ce7997bb1de65d88c32e16f1f725d8bd98f52c39a02969fd87
- SHA512
  
  f5a038615ecbb72072ef2a72d166cabbfd26aa879f28c911a26db71581cb8b93b7554b1cfa1517b063fdc5f942281e7d409e70c998b8273fe9ee6a0fc61a00fb
- SSDEEP
  
  192:t2sVilvoSG4X6ryFKdEwFQnuyfc38EcX6mWf3W:t7Vilvo74XAyOFQfc3U6mWf3W
Score

1^/10
behavioral15
- Target
  
  msidle.dll
- Size
  
  11KB
- MD5
  
  b1c1bb1ef2ac2d739aeaed77c33c1848
- SHA1
  
  efa181a1ea01e02cd44614f80259ce794b7a455c
- SHA256
  
  cd8d7caebfeb4eb9124ba3e025aff68dde554a8dd6b3365654bf936200c4e563
- SHA512
  
  f4e24c508248e6f331aa16ed01c7cdc6cebbc4cd09dfa9f511d02544e2c04eb36c9480ae71d9ddef039a1e9d6e0324179a9ba0f1c323e20c4bbf813a154e2fc0
- SSDEEP
  
  192:PtHC6MRyx1TTmcWOznzYuhcGZtEclABY5Wx46QuW:g68yx13maLX1ZhAa5Wx46zW
Score

1^/10
behavioral16
- Target
  
  msidntld.dll
- Size
  
  5KB
- MD5
  
  504e51418d856d664db23dd55a61352d
- SHA1
  
  522c0fb1ed2b9594e7a2aab9481883da57d8ca23
- SHA256
  
  f190e142f402de460455ff2d1835294a3e118ba74d76aa092af49372bb9b76f4
- SHA512
  
  28bebb26eeb8ba97fb0ac8cc4869576d3cc58cd7c0fdce988f6fe160c7b426c2a3906799ca021a65a26394cba266dfa3d3e58790ec41c7eb7ecd0fbd89d6e0db
- SSDEEP
  
  48:Cc9m3IIuHkvrQ5yHqO2JsYa3yBk2lFIZWxHtNukt685WwHg6ab:Rm4ZEvrU/bTaiy2HEWhtDdWw3
Score

1^/10
behavioral17
- Target
  
  msvcr100.dll
- Size
  
  755KB
- MD5
  
  0e37fbfa79d349d672456923ec5fbbe3
- SHA1
  
  4e880fc7625ccf8d9ca799d5b94ce2b1e7597335
- SHA256
  
  8793353461826fbd48f25ea8b835be204b758ce7510db2af631b28850355bd18
- SHA512
  
  2bea9bd528513a3c6a54beac25096ee200a4e6ccfc2a308ae9cfd1ad8738e2e2defd477d59db527a048e5e9a4fe1fc1d771701de14ef82b4dbcdc90df0387630
- SSDEEP
  
  12288:nMmCy3nAgPAxN9ueqix/HEmxsvGrif8ZSy+rdQw2QRAtd74/vmYK6H3BVoe3z:MmCy3KxW3ixPEmxsvGrm8Z6r+JQPzV7z
Score

3^/10

discovery
behavioral18
- Target
  
  neth.dll
- Size
  
  2KB
- MD5
  
  26bf659dc283cd389baad0ca54c1abca
- SHA1
  
  b386c4c9400880ec8315a93af0c5b38db6be9abd
- SHA256
  
  ad2310e7f3ba73c29872a14826f6a5118765a4c6b67a57168a336c05365dd152
- SHA512
  
  871449eb6b24a9d13134ca2d45f0839a2a417517969d1c7029219570aaee932e27026b29987553d41c58c13f265cf2a406442e21db54a07fb2555392cc4bf19f
Score

1^/10
behavioral19
- Target
  
  netmsg.dll
- Size
  
  2KB
- MD5
  
  176e3d19f665faefd5c5f892cb310ac8
- SHA1
  
  da39984d4f8522ae694cb310a64282f150aa3b26
- SHA256
  
  6ff38f25cbf31af03633654469c67024df13bf59b1ed9fa29597c4d6cc5a624d
- SHA512
  
  4cacf6f1277a563ae80fff86c277580d9d570a53ef75ca7cd27e63bf33c2d0a4795eeff0696cadfec619018c6c9fd1b9f023ce7694e3a847e534cf7a24a8a19f
Score

1^/10
behavioral20
- Target
  
  panmap.dll
- Size
  
  14KB
- MD5
  
  c3f21a1cc9dc3cccc38491da27273f11
- SHA1
  
  b59cd05fa587eb37993e87359d26a9210beebb01
- SHA256
  
  cdb271b988bf3dc272ad93c272c446efa981c93fe19b7cbee8d2f01fb058a005
- SHA512
  
  a0d882bde23d545f37395311639b78123a1108c022d866d86fb449992387cb7e53fa4b4a54c0e53d74c3e31a9220a9e15a3058158df851cf598bf7e520b3e7b2
- SSDEEP
  
  384:fRGwUPvXMv34d8TCw0Y957Ua8ZHgDITnWNaW:lOKT79BUFZHgMT6
Score

1^/10
behavioral21
- Target
  
  pcicapi.dll
- Size
  
  44KB
- MD5
  
  9daa86d91a18131d5caf49d14fb8b6f2
- SHA1
  
  6b2f7ceb6157909e114a2b05a48a1a2606b5caf1
- SHA256
  
  1716640cce74322f7ee3e3e02b75cd53b91686f66e389d606dab01bd9f88c557
- SHA512
  
  9a98e0d9e2dda8aefa54bddb3c7b71501d638dff68863939de6caa117b0e7bf15e581a75419ef8a0da3f1c56a19f1b0f4c86d65f8581773ab88ff5764b9bb3aa
- SSDEEP
  
  768:3o6OZSOe0iI6IdE+OPCH4mf6u0Qn+6wwbiRGp9E+yhwBkbp9E+8iROr:3o6mSOqIqPCYmfRnlwwbioQ+yhwBkbQ1
Score

3^/10

discovery
behavioral22
- Target
  
  prflbmsg.dll
- Size
  
  13KB
- MD5
  
  54fb96ffb3e2984755f82cfff72e317a
- SHA1
  
  e569e22624267b38abfe33a452a1f7657848ea13
- SHA256
  
  73b88e1238ab71ed4142952f06e49d230f611c28ceeac263820f6af148d2965b
- SHA512
  
  105e5353ea3db3c90e5d2a7ad0ee0dea52d648e61c0a34a2ee507a3393ec3c925d15e96eab59cd186ecd2d9322211de886058db88ccd8b6ea706884d0eb632d3
- SSDEEP
  
  192:sW3KWeyBV+b/Es/yppToazeoeWKCS3v4b//kbIFx7/j:sW3KWNiURBajQb3kbSj
Score

1^/10
behavioral23
- Target
  
  provdiagnostics.dll
- Size
  
  21KB
- MD5
  
  81bd7399ef847e73954ae785471ac5b8
- SHA1
  
  3557ec236de42c3c1221898ae1e1dcee3fb40dad
- SHA256
  
  b7eb4c207979e5c4311e8c7553cf478129c5ede51bf93f4f53a99ab63c6029a2
- SHA512
  
  9bc2261001c4483aeed4c19ae089693fc0b220f784813ad64b9cdef97207d78a5d9b338ba85f8dc99752d87d4b4d73f90bb9db95cd16084c81ab8a25c738255a
- SSDEEP
  
  192:dp/gBLEz6cNFD34trWzWWriOsEbaDkwJJBR8Hcote4ie1dEs9oUgyq2o/6H:d1gA6kQrWzWWOOsEbab+06D7M
Score

1^/10
behavioral24
- Target
  
  redist/miles/Mp3dec.asi
- Size
  
  128KB
- MD5
  
  33d5be387734c43f2370ee7f920848df
- SHA1
  
  3836ecfaf08b66fb362f746f3affb4befbf049d2
- SHA256
  
  f999da3458f9ec7b3f74fdf616dd98f83c98df65865b285719ee64f9a2d9de30
- SHA512
  
  22e6a2c6465c2479916e939a12b275faa681537f2ab80ba06266ae2831d02f068451b6ec297f4b9718091474d6c55efd37c01034e33e664e8acaba633e4b7039
- SSDEEP
  
  1536:4C5NGAHO9jq3/VfHBBRRhynX35FpsoTTdq0HV0gN/BL3k2FM+Z9+oEXyHsuPIQO1:4Cex9jq3/W5FpbTTsYBJ+oEDlR
Score

3^/10

discovery
behavioral25
- Target
  
  redist/miles/Mssdolby.m3d
- Size
  
  69KB
- MD5
  
  40cf7a8a9263c6eee8740148502afa13
- SHA1
  
  cf7204898c3c0c1aaae6423b6540f161145e524b
- SHA256
  
  58e81fde8410bd129f57b93eaaebeb3b7c8c2b7d117f1c2b260f6db43b9d97c2
- SHA512
  
  1f863b2014c6a116928f8b508c24c515f03390e18be492504a883831acee1a6491f676f03f3a4335a5fde0721be3e867ec126c5becfa26880b6b04c7639c02cb
- SSDEEP
  
  768:r+8zrUGntokAMhLrAkM/gMmfZCh2wnqP3vjVt3CB6nSiB9uKLc1eZo4DJTEKAGL3:v8C8M9Ek8gUh2XCGRLcioQJTR7Lc4n
Score

3^/10

discovery
behavioral26
- Target
  
  redist/miles/Msseax2.m3d
- Size
  
  74KB
- MD5
  
  0287e128be0b9a6941d0b5613db6a71a
- SHA1
  
  c3efaec84622e7b7e6163a47616989bb2c1ecd76
- SHA256
  
  4f89aa03134e0dadee4149094497cd855f1be7143704fe0396ad3ba513201113
- SHA512
  
  aed27187705987d822752fdc7b0b042ed72dca633e252e7b0da0b86f83d4eab217d5b9627ea8ba7e2d5d512e5219e10a52dd94b871bac7ec5212e27e2db7d781
- SSDEEP
  
  768:AFBK3G14F2wf+EsPwpTtAe+jZ0evQF2wnqP3vjhMfSBWriB9dV9DpB0uZocjT8i7:NZF2O+Es5x3C2hMNO97o6T8P4
Score

3^/10

discovery
behavioral27
- Target
  
  redist/miles/Mssfast.m3d
- Size
  
  68KB
- MD5
  
  314446d0d6ffe96395924a7cae0c4970
- SHA1
  
  43b2719a050f7abcf10b93d141a77b83171b78ba
- SHA256
  
  ddd2f324f05f1661ff027434836877651e1a160ecb7861873b525de77a5cf2f4
- SHA512
  
  ac4975e5e34031e84c5a486b09a921696f0f8e9c6a99acd7a4e1687d528021f8e2b02a6d9cf039b1639d533ecd794db0f3c5faaaf3213bf39fa5a9c78b077043
- SSDEEP
  
  768:S7O2n++PADuDIkmB3PrfZLO2wnqP3vj3CJue/TiB98KxECZo4DJTJM9WDGg:1I+Gt0k27pO23CowKxjoQJTL
Score

3^/10

discovery
behavioral28
- Target
  
  redist/miles/Reverb3.flt
- Size
  
  61KB
- MD5
  
  29b5f0a7e1c660fa7e64e329277245f6
- SHA1
  
  64b0e132171defab834b517b996e71a5f63a1282
- SHA256
  
  10d85aae53652c807a15bb4275089608faf5ba7b7f70f963e80f1e5342d14357
- SHA512
  
  69c1dbdb3b35212cf006dbda0b9ca99c68616846fd3a226019f1fc5eb19853d225318a4f89cfaa38bc87942e24a8c6a6536a68dd6702ce2fa5b0d1eb5e59367e
- SSDEEP
  
  768:yGwrSPcco/P61sdX65zAcDZOx2wnqP3vjdMOEuZ5Q9pRiB9TeV9HxvXK3P44KZor:yGCSzo/6GYAx2dMOYP99sPJco0PS
Score

3^/10

discovery
behavioral29
- Target
  
  remcmdstub.exe
- Size
  
  67KB
- MD5
  
  62cb7909b5247f472b0e3f748faedf35
- SHA1
  
  f424005eb21deb09f1617f33814d6e6c3851b7dc
- SHA256
  
  f6aac87863a73299b260315748cb0bc0b964d860cf5710993ca54bd79aaae5db
- SHA512
  
  2f4e36f6a0718e7fc9e08e5cca13b76089cb6c42ab772475a2fd68128268e3c0b6c6371ea665b793a8f6bcc3da76c6a57cb0b916d1d8b71c47d603933a7d72c4
- SSDEEP
  
  1536:gfanvXuNOwphKuyUHTqYXHhrXH4xLIyGMoGPriPWvuPVWXiD:yanPSpAFUzt0xLIyGcPrmGuPVg2
Score

3^/10

discovery
behavioral30
- Target
  
  setup/Storm.dll
- Size
  
  332KB
- MD5
  
  9a2b885cabcadf8c9bdba934f88a818f
- SHA1
  
  5144e6bb77223936d4dff31758db71c189e9b63c
- SHA256
  
  eecc42b05a91413dee10588a654c6cca05836e7513af6c7c568a56124bf97d0a
- SHA512
  
  7a4422fe018ce962e64320a9b8cf7cde7a19eb5e99071cc75ff977358372508e085016cefbecda6ee9e82b1ea9ac12ecae9f51144061eef0b86d85903c0f926e
- SSDEEP
  
  6144:mqeCPy6Ue1t4FoKENOtOPGfqfo5s6tUk41CH+fvxIU5kg1HGCOaOgA5fEvG:aCce1t4O1NOtOPGfqfo5s6tUk/H+d5Fx
Score

3^/10

discovery
behavioral31
- Target
  
  setup/msvcr120.dll
- Size
  
  938KB
- MD5
  
  2f79733ade1e42056b094d00574c9cb1
- SHA1
  
  5f42136e0d00408c9c1ce7f34930a191beaf4566
- SHA256
  
  129f4d54cb4de378e96b32d8cde3a36f053b0e3c443f3b11760206201d614252
- SHA512
  
  7096c78d4e0edf393b7269b74accff4025f47212fb45b901ab93e6467292612f11b36c6f2c391d57af97e666685f5485cdcb6c526632bba1e2691e8aa1eaf205
- SSDEEP
  
  12288:LBmFyjLAOQaYkxGXPfY7eiWWcpOKnpTVOIxhK765qlRRb6x4pI23IbJf:dmFyjLF847eiWWcoGZVOIxh/WxIAIbB
Score

3^/10

discovery
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Adds Run key to start application

Netsupport family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32