General

  • Target

    Digital.msi

  • Size

    2.9MB

  • Sample

    241124-mds8sa1mhr

  • MD5

    391a7dcf2ff4af032a8de9b5bfc5b7d9

  • SHA1

    22e2261c6e65f3d95406e66c77d3942d51790417

  • SHA256

    e652634f90f23553d56fa937227c039f8769f9509051a434a14990785a8ab57f

  • SHA512

    5adf800adc213f114a282b0ff29e33e14b70e66dc685a31826e497a6344961de1b7dbf5412b3539eb6ee5abc223be8209953352fd6f9a4f2cbaaafc3f4770c44

  • SSDEEP

    49152:q+1Ypn4N2MGVv1zyIBWGppT9jnMHRjOOozjcqZJN8dUZTwYaH7oqPxMbY+K/tzQz:q+lUlz9FKbsodq0YaH7ZPxMb8tT

Targets

    • Target

      Digital.msi

    • AteraAgent

      AteraAgent is a remote monitoring and management tool.

    • Ateraagent family

    • Detects AteraAgent

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
