sliver | 924f953de2ee0ba094a76e5001b8f445d5e80f37e1fa6c5943a13b971f63b0fb | Triage

Submit
Reports

Overview

overview

Static

static

8

924f953de2...fb.doc

windows7-x64

4

924f953de2...fb.doc

windows10-2004-x64

Sharing

General

Target

924f953de2ee0ba094a76e5001b8f445d5e80f37e1fa6c5943a13b971f63b0fb
Size

59KB
Sample

241017-xbyqlayhra
MD5

0aa07c58cdcaf9953eacd916e4f61973
SHA1

17570423d85a315fffac747d3c669848824b1d5c
SHA256

924f953de2ee0ba094a76e5001b8f445d5e80f37e1fa6c5943a13b971f63b0fb
SHA512

97f158e62a113e2db679203b4a0cd3cfbe65ea990c2b77dab1a204b9b2be8cdaeedf617758892503b6779464fe2466302f06fa821e41aa2d2d58d562c3d12397
SSDEEP

1536:RandM9Ql1gcEdJRUwlPnGoBvpgq4eJEV:8n26HgcEdJRUwVGCyqlJE

Score

10^/10

sliver backdoor discovery macro macro_on_action trojan

Static task

static1

macro macro_on_action

2 signatures

Behavioral task

behavioral1

Sample

924f953de2ee0ba094a76e5001b8f445d5e80f37e1fa6c5943a13b971f63b0fb.doc

Resource

win7-20240903-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

924f953de2ee0ba094a76e5001b8f445d5e80f37e1fa6c5943a13b971f63b0fb.doc

Resource

win10v2004-20241007-en

sliver backdoor trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  924f953de2ee0ba094a76e5001b8f445d5e80f37e1fa6c5943a13b971f63b0fb
- Size
  
  59KB
- MD5
  
  0aa07c58cdcaf9953eacd916e4f61973
- SHA1
  
  17570423d85a315fffac747d3c669848824b1d5c
- SHA256
  
  924f953de2ee0ba094a76e5001b8f445d5e80f37e1fa6c5943a13b971f63b0fb
- SHA512
  
  97f158e62a113e2db679203b4a0cd3cfbe65ea990c2b77dab1a204b9b2be8cdaeedf617758892503b6779464fe2466302f06fa821e41aa2d2d58d562c3d12397
- SSDEEP
  
  1536:RandM9Ql1gcEdJRUwlPnGoBvpgq4eJEV:8n26HgcEdJRUwVGCyqlJE
Score

10^/10

discovery sliver backdoor trojan
- Sliver RAT v2
- SliverRAT
  SliverRAT is an open source Adversary Emulation Framework.
  trojan backdoor sliver
- Downloads MZ/PE file
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

macromacro_on_action

behavioral1

behavioral2

sliverbackdoortrojan

© 2018-2024

Terms | Privacy