General

  • Target: setup.msi
  • Size: 2.9MB
  • Sample: 241202-yk374swjan
  • MD5: 4796a9c623e4dddfc2f79c684e0b1107
  • SHA1: 393228a37fe3dc06a014306c662864fb1e97aa23
  • SHA256: 617fc974485a1ecc42f1856add7fe69f36a45844fd957260b21a239c73c06b0b
  • SHA512: 2e27d8b1ff29d2c6241240635061ad00e6588a58feacaa6d160e7489ef37793c4a8e6266ffff57f308fb4b5ae256927a63f484cfdadcf1fc085733d8237a85dd
  • SSDEEP: 49152:++1Ypn4N2MGVv1zyIBWGppT9jnMHRjOOozjcqZJN8dUZTwYaH7oqPxMbY+K/tzQz:++lUlz9FKbsodq0YaH7ZPxMb8tT

Malware Config

Targets

    • AteraAgent: AteraAgent is a remote monitoring and management tool.
    • Ateraagent family
    • Detects AteraAgent
    • Blocklisted process makes network request
    • Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
    • Drops file in System32 directory
