General

  • Target

    setup.msi

  • Size

    2.9MB

  • Sample

    241202-zr7dsasmdy

  • MD5

    ed95be3a5aa65446628766820729a724

  • SHA1

    6b2b0907d0f7da25f219a64f6f95b0c003c5ecb8

  • SHA256

    c965e8495fe0a4a74007993407f2ba47d44fd88d8a1b8f0caf735ecb0d795e38

  • SHA512

    427767c72a2e708b4a4226796ebf4c04367fe4b182b9b17cb7ff33ec9dcd3b2148a9ad1c374884d05a0bfc388a316f4d82cc64677ad457f28a727eea6daf7ffc

  • SSDEEP

    49152:j+1Ypn4N2MGVv1zyIBWGppT9jnMHRjOOozjcqZJN8dUZTwYaH7oqPxMbY+K/tzQz:j+lUlz9FKbsodq0YaH7ZPxMb8tT

Malware Config

Targets

    • Target

      setup.msi

    • AteraAgent

      AteraAgent is a remote monitoring and management tool.

    • Ateraagent family

    • Detects AteraAgent

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15