General

  • Target

    2024-09-30_ed6ae8839d4389729bf91770c9dcd0d3_ryuk_sliver

  • Size

    3.3MB

  • Sample

    240930-ls5dxsshre

  • MD5

    ed6ae8839d4389729bf91770c9dcd0d3

  • SHA1

    63d8b13495925c08c76ec476a3f34972af13eb18

  • SHA256

    515f2ad0c4753e3154c259a990afe40d609e6e90c9aa4925f6a207bfcde3675f

  • SHA512

    3fc2d8904eee60efdef2315ae1d75fcdae74c709a26f8122644d2f0de56b77e513a850d2643ce9cd4d82bf73bb260f9f48d7d9c232a17f59e1b4c8819ba69e92

  • SSDEEP

    49152:2X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QO:2lRsZ47/QXoHUOfAoj1x6O

Score
10/10

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

maniilaq.org

C2

http://185.174.102.57:443/agent.ashx

Attributes
  • mesh_id

    0x24E2A104D6FCD776798EAA4D8DE59705EFBEDE72A79571A1C918C774104D21FFC4359868EA3E219BF83EAAC46DA21F86

  • server_id

    673B526578458F4DFEE7EFB5343A0F95851D12805FE5873CEE0439BA14F7F16EEA03D4B27D3EEC7388774AC17A21460E

  • wss

    wss://185.174.102.57:443/agent.ashx

Targets

    • Target

      2024-09-30_ed6ae8839d4389729bf91770c9dcd0d3_ryuk_sliver

    Score
    1/10
