General
-
Target
2024-09-25_3d1568c0498f3b81014a613519452fda_ryuk_sliver
-
Size
3.3MB
-
Sample
240925-pm2mmaycpg
-
MD5
3d1568c0498f3b81014a613519452fda
-
SHA1
021a756b082cab1fa710a278d55555166ea9c199
-
SHA256
a9faecf853fcdc98c9a813c0844b3e6b7121fc6615a2e6dffba418158526ba77
-
SHA512
862db95a7864846180849dcfa83ffb8ae02ea3e5a744eda21e19e6868cdc145f2dd53a36d4042a1ecc24887b764826c5cd5ff1eb971ae7570bf4ba25eb7681c1
-
SSDEEP
49152:7X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qu:7lRsZ47/QXoHUOfAoj1x6u
Behavioral task
behavioral1
Sample
2024-09-25_3d1568c0498f3b81014a613519452fda_ryuk_sliver.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2024-09-25_3d1568c0498f3b81014a613519452fda_ryuk_sliver.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
meshagent
2
TacticalRMM
http://mesh.grupohtop.com:443/agent.ashx
-
mesh_id
0xEF8F588A19FD402F5ADEAA77004521B32E108C98802D4751A0B82DB2876301121D3FF5CE0748C7937F694B93B40C3F57
-
server_id
1AF3CBAB7F1CD0A4B00B3A76965585225EDAC9716417FADF89FCAFF0D502FBD97705B0B3C918D96095301943DAD17296
-
wss
wss://mesh.grupohtop.com:443/agent.ashx
Targets
-
Target
2024-09-25_3d1568c0498f3b81014a613519452fda_ryuk_sliver
-
Score
1/10