General

  • Target

    2024-10-07_720d104e116e9dd88706c2811d3a5d2a_ryuk_sliver

  • Size

    3.2MB

  • Sample

    241007-2av1jawdkk

  • MD5

    720d104e116e9dd88706c2811d3a5d2a

  • SHA1

    51cacfec57922a86e469ea1e435f362556b10e15

  • SHA256

    e4375ee29ef1c8f9762e3a3bed96422fe10107e29cd010db1a59269946310470

  • SHA512

    1a48f3b088243375a1fa6f4d956d34eed2a1a1eea0593b2a28318ff89dbb09368d2c0bcc459a041427813b9dea45096ba721e5248ec9e675e5fff1d145e45ceb

  • SSDEEP

    49152:e0yAXvucS6SnbZVlxyZH0XAaCx5OX9ZO/xtEfOfzMFvfDTtKjkVE+ubDw8litYOn:Fvg6ClrBCjec+OfAK7DuYOQG

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Uceda - Jones

C2

http://remote.opennology.com:443/agent.ashx

Attributes
  • mesh_id

    0xC5B4844AD2A9004F5010F044089637485AD4C8785249ECE31CC06CF83F2A34938E0919A292351498100C4CA19CC1AE7D

  • server_id

    CEA0C3AF6448380189838E51FE29C7BDFDCC5A7E86351147799A84708BCD06B563FA9701A30D129D9BAAE972A73B5591

  • wss

    wss://remote.opennology.com:443/agent.ashx

Targets

    • Target

      2024-10-07_720d104e116e9dd88706c2811d3a5d2a_ryuk_sliver

    Score
    1/10
