General

  • Target

    2024-10-04_8d02f630c7897482d1899517552bc6f1_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241004-armxpsvcjr

  • MD5

    8d02f630c7897482d1899517552bc6f1

  • SHA1

    d66a73797cf9fe2c6c4ee03521a18047545e7b5f

  • SHA256

    a239d8aeb4130cb2d49072441d025e5d86e90081e86aafcc182ace54ea669cf1

  • SHA512

    228b7c5c60f8c3f7e9c9725f4c9b37f627716cf3b2207d18401007e23e27d0bf4e0119586be3aa5652c5e5f773d8a73277e70a0e52ea8de76452e4a7799c68a6

  • SSDEEP

    49152:Pf708gNcR9l5NyQB7q1AlgraPgDLDVXI2RXgGfX2kMFvfAw6dZ7Nueuxy5f:P+49lnyeG3D56gXm6hh

Score
10/10

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

n1

Attributes
  • mesh_id

    0x8AA3332460A0404D860C3E46D95525BDAA328F1C24C077E14BD0A95BE2D0EA4BA9384994844057E79C6D335B469A38CD

  • server_id

    BEC956642E30BE68AB6B3ED2F40F4E784CBA349DE3EB7E116F5B22319425FB4FE4C5A6831A5CE5524C569F6F42190B24

  • wss

    localhost

Targets

    • Target

      2024-10-04_8d02f630c7897482d1899517552bc6f1_ryuk_sliver

    Score
    1/10
