General

  • Target

    2024-10-06_683182aa6147a64e4e5ec0799294184d_ryuk_sliver

  • Size

    3.2MB

  • Sample

    241006-a8r8rasdqc

  • MD5

    683182aa6147a64e4e5ec0799294184d

  • SHA1

    e9749f2c6caf16d35cbceb48e23b48d5a5d7ef02

  • SHA256

    a973321bd490c061bfbc44a59693fe64c8efc1fe1022e798a390f8facfaf23c6

  • SHA512

    b6e429cc687b13b26275eef1f40cea6b99e5c561b86fc441ac58632ec317583f4da7e154618ef60844b945c634dc83a96ffa9239bd1ae7fb885ff239126271ff

  • SSDEEP

    49152:tX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQer:tlRsZ47/QXoHUOfAoj1U

Score
10/10

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Certi

C2

http://172.236.171.111:443/agent.ashx

Attributes
  • mesh_id

    0x83DC2E03D3CC69E1F6BA635EE1B9729C85F530972CCE5362B05C9C6EF1A38161338F7C40849549AD8184A4CA16AC400A

  • server_id

    38951BE7A38EAAF4355BAD9DA1059869CD03DC09305D5390D5EA7690C5348D9053A709A8831ECFA95D43AD779793E7D3

  • wss

    wss://172.236.171.111:443/agent.ashx

Targets

    • Target

      2024-10-06_683182aa6147a64e4e5ec0799294184d_ryuk_sliver

    Score
    1/10
