General
-
Target
2024-10-11_7cf1afe3ed0ad07f6131022484335cc0_ryuk_sliver
-
Size
3.3MB
-
Sample
241011-y62amssbqa
-
MD5
7cf1afe3ed0ad07f6131022484335cc0
-
SHA1
68c152c547f034c0d884e8bdc1fca847f5fcae81
-
SHA256
116ef1d1e1573a23c279a194f59fedb5a9b13e7ff908fcbe0bb51409e0c38c39
-
SHA512
2a1ccc05da68db43965d6749423baa4b1dcc875b8264d3479c50418110da5b8f2247008199d9eb3ac8a1050274e915ca40bf58da2c19264e92f98ee637eae338
-
SSDEEP
49152:3X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QHr0:3lRsZ47/QXoHUOfAoj1x6I
Behavioral task
behavioral1
Sample
2024-10-11_7cf1afe3ed0ad07f6131022484335cc0_ryuk_sliver.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2024-10-11_7cf1afe3ed0ad07f6131022484335cc0_ryuk_sliver.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
meshagent
2
Foreign
http://f6sa8fjfsk83f.duckdns.org:443/agent.ashx
-
mesh_id
0x65B45746CF29391B6B64B67C24213161F77240168037C165956D813C1181B1E2DF5E8D9EFAD5D2920FDFB67A533B11FB
-
server_id
4A0AD919A6121F12CA434E087EC4C25729717703712AC918C545C9F61C0DF0D1BC334464BBE6DC4BBC877042D49BE5A3
-
wss
wss://f6sa8fjfsk83f.duckdns.org:443/agent.ashx
Targets
-
-
Target
2024-10-11_7cf1afe3ed0ad07f6131022484335cc0_ryuk_sliver
-
Size
3.3MB
-
MD5
7cf1afe3ed0ad07f6131022484335cc0
-
SHA1
68c152c547f034c0d884e8bdc1fca847f5fcae81
-
SHA256
116ef1d1e1573a23c279a194f59fedb5a9b13e7ff908fcbe0bb51409e0c38c39
-
SHA512
2a1ccc05da68db43965d6749423baa4b1dcc875b8264d3479c50418110da5b8f2247008199d9eb3ac8a1050274e915ca40bf58da2c19264e92f98ee637eae338
-
SSDEEP
49152:3X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QHr0:3lRsZ47/QXoHUOfAoj1x6I
Score1/10 -