NetSupportRAT
NetSupportRAT NetSupport Manager abuse. Legitimate remote management tool used maliciously. CurrentVersion\Run persistence.
- Remote Access
Research Reports (5)
NetSupportRAT -- Rate_RATE_AGR_Jun29.exe Tarih Damgalı Anlaşma Lürü, CurrentVersion/Run Autorun, Connection Timeout Retry Meşru NetSupport Stringleri | Orta
NetSupportRAT 196KB Rate_RATE_AGR_Jun29.exe Jun29 tarih damgali rate agreement lurü. Software\Microsoft\Windows\CurrentVersion\Run autorun. Connection timeout after d ms retrying.
Read Report →NetSupportRAT2 -- geo.netsupportsoftware.com Konum Servisi, EV_CONFIGSET Olay Protokolü, Ses Akışı PCICL32.DLL | Yüksek
NetSupportRAT2 2.2MB NS2H.zip PCICL32.DLL. geo.netsupportsoftware.com loca.asp konum servisi. EV_CONFIGSET olay protokol. Ses akisi ses izleme.
Read Report →NetSupportRAT -- Rate_RATE_AGR_Jun29.exe Haziran 29 Tarihli Teklif Lure, Kodlanmış Config | Orta
NetSupportRAT 201KB Rate_RATE_AGR_Jun29.exe Haziran 29 teklif anlasma lure. IMCPBLGFEPGLGD uzun kodlanmis config string.
Read Report →NetSupportRAT -- Rate_RATE_AGR_Jun29.exe Teslim Adlandırma, Meşru RMM Kötüye Kullanımı | Yüksek
NetSupportRAT 201KB Rate_RATE_AGR_Jun29.exe. Meşru NetSupport Manager RMM aracının tehdit aktörü kötüye kullanımı. TA569.
Read Report →NetSupportRAT -- Rate_RATE_AGR_Jun29.exe 201KB, Windows System Settings Host Kamuflaj | Yüksek
NetSupportRAT 201KB. Windows System Settings Host XML kamuflaj. Registry persistence.
Read Report →