General
-
Target
2024-10-08_4d8f4d308992a3f0c08ff13e38589a20_ryuk_sliver
-
Size
3.2MB
-
Sample
241008-hkvb7sxdna
-
MD5
4d8f4d308992a3f0c08ff13e38589a20
-
SHA1
6041a7d0d07f6a0e317c3494ba79872b817759e5
-
SHA256
7c1a8c64e735e29111ad5a448fc01545e64838a9e08ac2fa8956d8f15b2e21f5
-
SHA512
3df70ce2da34273188f6c82c00faad503d3fb9dca576128f6c72a368dad425258db2da16c7129f4c0131102789e71173290f5d072baee594b76ac88c911589d4
-
SSDEEP
49152:nX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQei:nlRsZ47/QXoHUOfAoj1h
Behavioral task
behavioral1
Sample
2024-10-08_4d8f4d308992a3f0c08ff13e38589a20_ryuk_sliver.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2024-10-08_4d8f4d308992a3f0c08ff13e38589a20_ryuk_sliver.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
meshagent
2
Temp
http://172.236.83.83:443/agent.ashx
-
mesh_id
0x0E45A78A5F16DBAF8BD2473CB202223C235E18699BFDD8E4C3C82A1BEA3E777130DDB6734BFB33833460E51A59F0362A
-
server_id
A3E8310746BD426DA323726ABC4AD08369CE25D636E124043B71652574208BC63CD1F25F6301779C8B948CFA14A53E6B
-
wss
wss://172.236.83.83:443/agent.ashx
Targets
Target
2024-10-08_4d8f4d308992a3f0c08ff13e38589a20_ryuk_sliver
Score
1/10