General
-
Target
https://getfilenow.com/lp?id=Atlantis%20Exploit_47100272&t=ZV5eVGZSQkRCWw==
-
Sample
241113-ervd1avpbt
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://getfilenow.com/lp?id=Atlantis%20Exploit_47100272&t=ZV5eVGZSQkRCWw==
Resource
win11-20241007-en
21 signatures
150 seconds
Malware Config
Targets
-
-
Target
https://getfilenow.com/lp?id=Atlantis%20Exploit_47100272&t=ZV5eVGZSQkRCWw==
-
Downloads MZ/PE file
-
A potential corporate email address has been identified in the URL: [email protected]
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry
1Subvert Trust Controls
2Install Root Certificate
1SIP and Trust Provider Hijacking
1Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1