General

  • Target

    55d315224a8902e9847ee48f454fc97334e18bbaff4189f2fcbaaacba8330cbf.msi

  • Size

    2.9MB

  • Sample

    241125-cwywwatkdt

  • MD5

    4cabbdcb677450204d2b0f8bd36f85af

  • SHA1

    cac64533022f26832165b6d2c13c2c61e0ffb867

  • SHA256

    55d315224a8902e9847ee48f454fc97334e18bbaff4189f2fcbaaacba8330cbf

  • SHA512

    0a2e1554f3e8bd59af9e766593cb0035e9f14e17884583e95241161ed2b40a16b9352c2d0fd177bba781bea5c0d8fd2017af6aacdd56b367ec336db3b808c293

  • SSDEEP

    49152:t+1Ypn4N2MGVv1zyIBWGppT9jnMHRjOOozjcqZJN8dUZTwYaH7oqPxMbY+K/tzQz:t+lUlz9FKbsodq0YaH7ZPxMb8tT

Malware Config

Targets

    • Target

      55d315224a8902e9847ee48f454fc97334e18bbaff4189f2fcbaaacba8330cbf.msi

    • Size

      2.9MB

    • MD5

      4cabbdcb677450204d2b0f8bd36f85af

    • SHA1

      cac64533022f26832165b6d2c13c2c61e0ffb867

    • SHA256

      55d315224a8902e9847ee48f454fc97334e18bbaff4189f2fcbaaacba8330cbf

    • SHA512

      0a2e1554f3e8bd59af9e766593cb0035e9f14e17884583e95241161ed2b40a16b9352c2d0fd177bba781bea5c0d8fd2017af6aacdd56b367ec336db3b808c293

    • SSDEEP

      49152:t+1Ypn4N2MGVv1zyIBWGppT9jnMHRjOOozjcqZJN8dUZTwYaH7oqPxMbY+K/tzQz:t+lUlz9FKbsodq0YaH7ZPxMb8tT

    • AteraAgent

      AteraAgent is a remote monitoring and management tool.

    • Ateraagent family

    • Detects AteraAgent

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks