Behavioral task: behavioral1
Sample: MuddyWater.msi
Resource: win7-20240708-en
windows7-x64
24 signatures
150 seconds

Behavioral task: behavioral2
Sample: MuddyWater.msi
Resource: win10v2004-20241007-en
windows10-2004-x64
25 signatures
150 seconds
General
Target: atera_installer.zip
Size: 2.4MB
MD5: 68964d056cd68679eaaadb1d81773349
SHA1: 5e9e1091e65f8aa8c0ac875c79d9b79562a05583
SHA256: 27c7a09c008c93405629c44df399db0564219bbc30cc321eee08858679665287
SHA512: afc427503187f486033895b230b28907233471befa92baf5d897ab424a554ac296c02181f1a7bd4b2a2d2cdb55e1cbd334c053717e141e5578e71d7113372aa4
SSDEEP: 49152:QOqA8tZ+oh93cDPU4Se/4dm0Fqnd7e0wJU1W3pGpDQ1zUEd4U45TuhYjNH:QOh8r7cbUU4M0wnd7e1JUo6M4nxiYpH
Score: 10/10
Malware Config
Signatures
Ateraagent family
Detects AteraAgent (1 IoCs)
Processes:
resource yara_rule static1/unpack001/MuddyWater family_ateraagent
Files
atera_installer.zip.zip
Password: infected
MuddyWater.msi