Overview

overview

10

Static

static

1

c274d849d3...89.ps1

windows10-2004-x64

10

c274d849d3...89.ps1

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c274d849d3bf25f38f966e07fb1dca7e421040902c38eb594e196a2b69320789.ps1

  • Size

    3.6MB

  • Sample

    250417-edz3bssny8

  • MD5

    9bdf65c880dda82bfbd775fb4b6517e2

  • SHA1

    ee12202cecfdd151e5073b0686d0f365d8570267

  • SHA256

    c274d849d3bf25f38f966e07fb1dca7e421040902c38eb594e196a2b69320789

  • SHA512

    6406ec67a40395bd40b5cdf21a3dcdb1ece9cd9def9cc791b5293a53cd823e6fcec40f4415ba6caeebbbe2a9e45d3097961e651a7244da738ca7a004670d2fcc

  • SSDEEP

    49152:kqTqa+Qtnal1tK6TFX9m4kCeRQ7OfmYz0ld5/TopuLAhvjYZJY51B:X

Score
10/10
netsupportdiscoveryexecutionpersistencerat

Malware Config

Targets

    • Target

      c274d849d3bf25f38f966e07fb1dca7e421040902c38eb594e196a2b69320789.ps1

    • Size

      3.6MB

    • MD5

      9bdf65c880dda82bfbd775fb4b6517e2

    • SHA1

      ee12202cecfdd151e5073b0686d0f365d8570267

    • SHA256

      c274d849d3bf25f38f966e07fb1dca7e421040902c38eb594e196a2b69320789

    • SHA512

      6406ec67a40395bd40b5cdf21a3dcdb1ece9cd9def9cc791b5293a53cd823e6fcec40f4415ba6caeebbbe2a9e45d3097961e651a7244da738ca7a004670d2fcc

    • SSDEEP

      49152:kqTqa+Qtnal1tK6TFX9m4kCeRQ7OfmYz0ld5/TopuLAhvjYZJY51B:X

    Score
    10/10
    netsupportdiscoveryexecutionpersistencerat

    • NetSupport

      NetSupport is a remote access tool sold as a legitimate system administration software.

      ratnetsupport

    • Netsupport family

      netsupport

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v16

Tasks