General

  • Target

    2024-09-27_c3c5771507c8c03029528c441c09e8b2_ryuk_sliver

  • Size

    3.3MB

  • Sample

    240927-v3smjssfrn

  • MD5

    c3c5771507c8c03029528c441c09e8b2

  • SHA1

    41c8bd27f366f9fc46100b3a661bdeb637dda9aa

  • SHA256

    b4ca728e903562ac304684d15a3353f290f57ad9c42f61977307b0de2f00c5ec

  • SHA512

    01ae8bd2083ca3ba25a49cea2f03ecf1bb019407c60408d2e4782ea294bcc1c36bb0561b46eb6c4b13044b0a67895470e84d9ae83f6887bdd4a1ef2ef78945f9

  • SSDEEP

    49152:fX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe/5u:flRsZ47/QXoHUOfAoj1ys

Score
10/10

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

v3.8

C2

http://mesh.appsoftwares.info:443/agent.ashx

Attributes
  • mesh_id

    0x152F6AF8F663B1C744E540BFB726B11ACC24FD1890E6EAC6FD7285A494CC6E8B79C08E4C769E01ACCAF22DDCCDEB9FBE

  • server_id

    D8937848AC889E5E79C912BD47DB90B4C7AECF29A40E287B8CF956BF8FA9B21A50A7B41B2305F6933A10B4A28DC8786A

  • wss

    wss://mesh.appsoftwares.info:443/agent.ashx

Targets

    • Target

      2024-09-27_c3c5771507c8c03029528c441c09e8b2_ryuk_sliver

    Score
    1/10
