General

  • Target

    2024-10-06_4ec653db20e204fa8708ee3ef5932a42_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241006-qvenhawfmj

  • MD5

    4ec653db20e204fa8708ee3ef5932a42

  • SHA1

    d1e19c7ce1233defdccadc26ebbed10b6287cabd

  • SHA256

    d1a1a3632b790c98504e7fa36549586550b57901618ae214e4c2f4b081ec547b

  • SHA512

    75a9d1c127c7747b8cedeb424c71641a8c8388eff5ef12bf77dd63c61c70e7216903d72b9cd4111988595a38795aac0c8ce2adbee4fd3289394cfaddff7e6d46

  • SSDEEP

    49152:Yf708gNcR9l5NyQB7q1AlgraPgDLDVXI2RXgGfX2kMFvfAw6dZ7Nueuxg5A8:Y+49lnyeG3D56gXm6Hq8

Score
10/10

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

70-2

C2

http://control3.colizeumarena.ru:443/agent.ashx

Attributes
  • mesh_id

    0xCC52354A8FEB2C87376B2C17C7E296D0EA7DFB648BB78625152BD7CE77729FAA35FFF3F23D2D2BE5EB7D975121D1B08E

  • server_id

    C1139252AFB8BB79497F4C3FFFE817B4721FC57DF5DB25C1AFDFE4C5780D3D815802672B52644A626A44410DFFDE7D27

  • wss

    wss://control3.colizeumarena.ru:443/agent.ashx

Targets

    • Target

      2024-10-06_4ec653db20e204fa8708ee3ef5932a42_ryuk_sliver

    Score
    1/10
