sliver | e456ee3e4e60b14525e3a2f0b0ca1bda82afcc1fa9ba9696f60c6297c4d01390 | Triage

Submit
Reports

Overview

overview

Static

static

3

joeseph-Lu...ed.exe

windows10-1703-x64

Sharing

General

Target

joeseph-Luna-Logged.exe
Size

13.2MB
Sample

240804-hljbbstcje
MD5

50c48cf579fee7a01dcdff742f16f7c2
SHA1

8758e4bb451725834bae5cb0b006f37898731ebd
SHA256

e456ee3e4e60b14525e3a2f0b0ca1bda82afcc1fa9ba9696f60c6297c4d01390
SHA512

ee542f1c789ae41160d468f9c6e1cd82157203676f177313deed519e4ae4af07a374eb7d594bc146a0c4704deceab723b932201ea9682c1ef1332b8b89ecc618
SSDEEP

393216:hWjIc+GLlRL+bXtZwOTQ44PSEgyumuQM272+Yyx+X:hAvpYdZwO1tmu07JYyIX

Score

10^/10

sliver backdoor defense_evasion discovery execution trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

joeseph-Luna-Logged.exe

Resource

win10-20240404-en

sliver backdoor defense_evasion discovery execution trojan

windows10-1703-x64

17 signatures

150 seconds

Malware Config

Targets

- Target
  
  joeseph-Luna-Logged.exe
- Size
  
  13.2MB
- MD5
  
  50c48cf579fee7a01dcdff742f16f7c2
- SHA1
  
  8758e4bb451725834bae5cb0b006f37898731ebd
- SHA256
  
  e456ee3e4e60b14525e3a2f0b0ca1bda82afcc1fa9ba9696f60c6297c4d01390
- SHA512
  
  ee542f1c789ae41160d468f9c6e1cd82157203676f177313deed519e4ae4af07a374eb7d594bc146a0c4704deceab723b932201ea9682c1ef1332b8b89ecc618
- SSDEEP
  
  393216:hWjIc+GLlRL+bXtZwOTQ44PSEgyumuQM272+Yyx+X:hAvpYdZwO1tmu07JYyIX
Score

10^/10

sliver backdoor defense_evasion discovery execution trojan
- Sliver RAT v2
- SliverRAT
  SliverRAT is an open source Adversary Emulation Framework.
  trojan backdoor sliver
- Command and Scripting Interpreter: PowerShell
  Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
  execution
- Downloads MZ/PE file
- Executes dropped EXE
- Indirect Command Execution
  Adversaries may abuse utilities that allow for command execution to bypass security restrictions that limit the use of command-line interpreters.
  defense_evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Indirect Command Execution

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

sliverbackdoordefense_evasiondiscoveryexecutiontrojan

© 2018-2025

Terms | Privacy