NetSupport RAT: The RAT King Returns [Wednesday, November 22, 2023]

NetSupport RAT: The RAT King Returns [Wednesday, November 22, 2023]
https://www.securitricks.com/content/images/size/w600/format/webp/2023/12/ATTACK-REPORT-LOGO-2.png
Report

NetSupport RAT: The RAT King Returns

Description :
NetSupport Manager, a popular tool used for remote systems management, has been used by threat actors to infiltrate systems and launch a sophisticated attack on the networks, according to research by Carbon Black Managed Detection & Response and VMWare.

Published :
2023-11-22T12:42:57.796Z

Created :
2023-11-22T12:42:57.796Z

Modified :
2023-11-22T12:58:22.584Z

Tags

  • netsupport rat

Indicators

IPv4s :
  • 5.252.177.111
  • 91.19.150.63
  • 91.219.150.64
URLs :
  • http://gamefllix.com/111.php
  • http://gamefllix.com/111.php?9279
  • https://magydostravel.com/cdn/zwmrqqgqnaww.php
Domains :
  • magydostravel.com
  • arauas.com
  • kgscrew.com
  • implacavelvideos.com
  • sdjfnvnbbz.pw
  • gamefllix.com
Hashes :
  • 89f0c8f170fe9ea28b1056517160e92e2d7d4e8aa81f4ed696932230413a6ce1
  • 6795d760ce7a955df6c2f5a062e296128efdb8c908908eda4d666926980447ea
  • f4e2f28169e0c88b2551b6f1d63f8ba513feb15beacc43a82f626b93d673f56d
  • 60fe386112ad51f40a1ee9e1b15eca802ced174d7055341c491dee06780b3f92
  • fedd609a16c717db9bea3072bed41e79b564c4bc97f959208bfa52fb3c9fa814
  • 3c072532bf7674d0c5154d4d22a9d9c0173530c0d00f69911cdbc2552175d899
  • c5c974b3315602ffaab9066aeaac3a55510db469b483cb85f6c591e948d16cfe
  • 956b9fa960f913cce3137089c601f3c64cc24c54614b02bba62abb9610a985dd
  • 54b920f5b87019fcf313bec4d9f4639a932b8268e5183b29804e91e29ed6f726
  • d96856cd944a9f1587907cacef974c0248b7f4210f1689c1e6bcac5fed289368
  • 46bb795f28ef33412b83542c88ef17d2a2a207ad3a927ecb4678b4ac9c5a05a5
  • 28208baa507b260c2df6637427de82ad0423c20e2bceceb92ba5d76074dcd347
  • e3665d8c5030be81a6955965c2928564fe922b9a21f9e712580d04825fa0adf1
  • 2d6c6200508c0797e6542b195c999f3485c4ef76551aa3c65016587788ba1703
  • 4bfa4c00414660ba44bddde5216a7f28aeccaa9e2d42df4bbff66db57c60522b
  • 213af995d4142854b81af3cf73dee7ffe9d8ad6e84fda6386029101dbf3df897
  • 38684adb2183bf320eb308a96cdbde8d1d56740166c3e2596161f42a40fa32d5
  • 8c9cd7a1ac6d4cbc641b31a3c55fde5e0e5a48c9bdaf71a59a2c4c9fd98ff9e7
  • fc6f9dbdf4b9f8dd1f5f3a74cb6e55119d3fe2c9db52436e10ba07842e6c3d7c
  • 2e4bd5557aedd1743da5fab1b6995fbc447d6e9491d9ec59fa93ab889d8bccd1
  • b6b51f4273420c24ea7dc13ef4cc7615262ccbdf6f5e5a49dae604ec153055ad
Attacks Pattern :
  • T1074
  • T1547.001
  • T1057
  • T1055
  • T1059.001
  • T1027
  • T1059
  • T1041
External References :

You can download the txt file containing the indicators by clicking on the button below:

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! Youโ€™ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.