General
-
Target
2024-10-12_580f37dd9189748835e623704ca37a6b_ryuk_sliver
-
Size
3.3MB
-
Sample
241012-lmyzystgnh
-
MD5
580f37dd9189748835e623704ca37a6b
-
SHA1
a1286fd5297fa0555c282555373f16e0121548dc
-
SHA256
6f1e8f9999257ea11acb232281903901802cd85fb3a68dbbc83c87ddb32160f1
-
SHA512
37d32b043c6e8c83d80736ffd6de1dde92e59765c7356276f9979c9d21d3623aece1b291fc97e2b3899d6b00b84b330e75a02ca8417f657473e25698e002a8e3
-
SSDEEP
49152:FX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QP:FlRsZ47/QXoHUOfAoj1x6P
Behavioral task
behavioral1
Sample
2024-10-12_580f37dd9189748835e623704ca37a6b_ryuk_sliver.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
2024-10-12_580f37dd9189748835e623704ca37a6b_ryuk_sliver.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
meshagent
2
TacticalRMM
http://mesh.techilogicit.com:443/agent.ashx
-
mesh_id
0x03AC90B12E15244C5415FC0828FEFA9332E88DA19197BAF413059CA84105EB1E94A7BE3128E4E33FBC742E08703E7031
-
server_id
446B305BF129CE389761C69B073EEF39C31C7FA351AE2AF9F61E6F48B537598740911578F70AFF1606B386171FEE18B0
-
wss
wss://mesh.techilogicit.com:443/agent.ashx
Targets
-
-
Target
2024-10-12_580f37dd9189748835e623704ca37a6b_ryuk_sliver
-
Score
1/10