netsupport | 662d8ec28b152eea2f90eba299ecd13d78ba1ba09c1abd430e3f3697f24c2407 | Triage

Submit
Reports

Overview

overview

Static

static

3

2025-04-14...er.exe

windows10-2004-x64

Sharing

General

Target

2025-04-14_310863952be2ae79bbfbbd14b9817b80_amadey_elex_konni_smoke-loader
Size

2.6MB
Sample

250414-yctcyayqy5
MD5

310863952be2ae79bbfbbd14b9817b80
SHA1

d66abf02964de107e4f6f0e5fa11ff47dc658009
SHA256

662d8ec28b152eea2f90eba299ecd13d78ba1ba09c1abd430e3f3697f24c2407
SHA512

3553819f02715e442f375e01a9d7f80e263cc9f92f6a9feb39b1c186b9e9407dc3cea0a9fd40e3b097214653b924f99586d8bf78ed8b66e1e860ba433e1f79e8
SSDEEP

49152:8+7ffNrrUnhv3lD6PBYNTjytiWV2kcLY0V22S:8+7ffh+Q4Tjy9qc65S

Score

10^/10

netsupport discovery rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2025-04-14_310863952be2ae79bbfbbd14b9817b80_amadey_elex_konni_smoke-loader.exe

Resource

win10v2004-20250314-en

netsupport discovery rat

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  2025-04-14_310863952be2ae79bbfbbd14b9817b80_amadey_elex_konni_smoke-loader
- Size
  
  2.6MB
- MD5
  
  310863952be2ae79bbfbbd14b9817b80
- SHA1
  
  d66abf02964de107e4f6f0e5fa11ff47dc658009
- SHA256
  
  662d8ec28b152eea2f90eba299ecd13d78ba1ba09c1abd430e3f3697f24c2407
- SHA512
  
  3553819f02715e442f375e01a9d7f80e263cc9f92f6a9feb39b1c186b9e9407dc3cea0a9fd40e3b097214653b924f99586d8bf78ed8b66e1e860ba433e1f79e8
- SSDEEP
  
  49152:8+7ffNrrUnhv3lD6PBYNTjytiWV2kcLY0V22S:8+7ffh+Q4Tjy9qc65S
Score

10^/10

netsupport discovery rat
- NetSupport
  NetSupport is a remote access tool sold as a legitimate system administration software.
  rat netsupport
- Netsupport family
  netsupport
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

netsupportdiscoveryrat

© 2018-2025

Terms | Privacy