AteraRAT
AteraAgent is a legitimate RMM tool abuser. Living off the land. AV bypass. hmlineear.msi randomized name. Installation via ps.atera.com.
Threat Profile
Type
RAT
Programming LanguageCommercial RMM
C2 ProtocolHTTPS RMM
First Seen2016
Targets
Küresel
Purpose / Capabilities
- Unauthorized Remote Access
No C2 servers have been identified for this family yet.
Research Reports (1)
AteraRAT -- hmlineear.msi Meşru RMM Aracı Kötüye Kullanımı, AteraAgent Yetkisiz Uzaktan Erişim, dot.net PS1 Yükleyici | Yüksek
AteraAgent 8.2MB hmlineear.msi meşru RMM aracı yetkisiz kullanim. dot.net PS1 installer. Saldirganlar AteraAgent kurarak kalici uzak erisim sağliyor.
Read Report →