NetSupport
NetSupport is a malware family active in the Remote Access Trojan (RAT) category and widely observed around the world. This sample has been identified as a RAT (Remote Access Trojan) that gives attackers full remote control over compromised systems. It has comprehensive surveillance capabilities such as keylogging, screenshot taking, file management and shell access.
History
NetSupport Manager adli uzaktan erisim aracindan truva ati varyantiyla yayilan NetSupport RAT, meşru yazilim gorüntüsüyle korunuyor. Sahte tarayici guncellemeleri (ClearFake/SocGholish) yoluyla yapilmakta olan yayilimda, kullanicilarin gercek bir guncelleme oldugunu sanarak kurduklari bu RAT ile uzaktan yonetim saglanmaktadir.
Technical Details
RAT ailesi: TCP C2 protokolu, kalicilik mekanizmasi (Registry/Task Scheduler), keylogger, ekran goruntüsü, uzak kabuk, dosya yoneticisi, process manager, anti-analiz kontrolleri
Threat Profile
Type
RAT
Programming LanguageC++
C2 ProtocolTCP
First Seen2020
Targets
Windows
Purpose / Capabilities
- Remote Access
- Keylogger
- Screenshot
- File Management
No C2 servers have been identified for this family yet.