General
-
Target
20240924c8cbf412750050248d0e69d9442bd1caryuksliver
-
Size
3.3MB
-
Sample
240924-v4rfwawalk
-
MD5
c8cbf412750050248d0e69d9442bd1ca
-
SHA1
c74ba0888cc19ab0e37be51fdf776742ec612a7c
-
SHA256
8adfe9b991e29cb3b8d17e458c19bc735e6bbb332588c930987e4e9c76ee54ec
-
SHA512
0043c2c69fac9c8aa3cda1915e045cff18184a273e8e70de03ee638afc683c351ec961d239ce946a87fd9fc6184b8adaeb5b88e087261f3e4a7f2c1cc5efcdff
-
SSDEEP
49152:xX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QC:xlRsZ47/QXoHUOfAoj1x6C
Behavioral task
behavioral1
Sample
20240924c8cbf412750050248d0e69d9442bd1caryuksliver.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
20240924c8cbf412750050248d0e69d9442bd1caryuksliver.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
meshagent
2
TacticalRMM
http://mesh.doubehi.xyz:443/agent.ashx
-
mesh_id
0xB8005B1CF6A6ED1837D5685521C545B4B0FF534D9B9663E98B17378BBE1543E4310011C6E0ECD0CB2CF824A55D575540
-
server_id
88A6C524BB5954DBFF1163A381199A301EAD8865F5B3CA30751FE615CC9EBFE97880DE50059BB9DCCD3882387735BE30
-
wss
wss://mesh.doubehi.xyz:443/agent.ashx
Targets
-
Target
20240924c8cbf412750050248d0e69d9442bd1caryuksliver
-
Score
1/10