Overview

overview

10

Static

static

10

1484770b00...2e.msi

windows7-x64

10

1484770b00...2e.msi

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1484770b005cef914a0710b85d2c57ad96c1c48abbeb0f3c4055b19c1299d12e.msi

  • Size

    2.9MB

  • Sample

    241125-clh3nsyjhp

  • MD5

    8a685b955bed68d969ddea75d5ce51bf

  • SHA1

    2c66035dda36813b6d139c228148ce3a7faca9c2

  • SHA256

    1484770b005cef914a0710b85d2c57ad96c1c48abbeb0f3c4055b19c1299d12e

  • SHA512

    a9c50d981e62d7da7a7926265b16213cb990e203eccb46f2d2f9df0c20fdbb792099a36359b845a9073e19fc8fdb6318d9e3da812cbc6160be41b7caa72a91e5

  • SSDEEP

    49152:B+1Ypn4N2MGVv1zyIBWGppT9jnMHRjOOozjcqZJN8dUZTwYaH7oqPxMbY+K/tzQz:B+lUlz9FKbsodq0YaH7ZPxMb8tT

Score
10/10
ateraagentdiscoverypersistenceprivilege_escalationrat

Malware Config

Targets

    • Target

      1484770b005cef914a0710b85d2c57ad96c1c48abbeb0f3c4055b19c1299d12e.msi

    • Size

      2.9MB

    • MD5

      8a685b955bed68d969ddea75d5ce51bf

    • SHA1

      2c66035dda36813b6d139c228148ce3a7faca9c2

    • SHA256

      1484770b005cef914a0710b85d2c57ad96c1c48abbeb0f3c4055b19c1299d12e

    • SHA512

      a9c50d981e62d7da7a7926265b16213cb990e203eccb46f2d2f9df0c20fdbb792099a36359b845a9073e19fc8fdb6318d9e3da812cbc6160be41b7caa72a91e5

    • SSDEEP

      49152:B+1Ypn4N2MGVv1zyIBWGppT9jnMHRjOOozjcqZJN8dUZTwYaH7oqPxMbY+K/tzQz:B+lUlz9FKbsodq0YaH7ZPxMb8tT

    Score
    10/10
    ateraagentdiscoverypersistenceprivilege_escalationrat

    • AteraAgent

      AteraAgent is a remote monitoring and management tool.

      ratateraagent

    • Ateraagent family

      ateraagent

    • Detects AteraAgent

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks