General
-
Target
mesh.bin
-
Size
3.3MB
-
Sample
241015-rb6hjsybjd
-
MD5
66b49f392d3206fdf44c00d7d447ef95
-
SHA1
ae62bd12b1e5a35089b4e48bc8c9b32e25aa45af
-
SHA256
8e088bcdbdb7d2e9fe7ce1c03762b3a90863ae468db3c2322d48d521a155718a
-
SHA512
6bc90e0dd8dba6eaa8fddf8d5b7e7d6baf7d02529381ac9f14133fd659f4db62a82467763f637bac3ed15952df810f7dd1ad339cd12f18a1c5802f7b468eebe3
-
SSDEEP
49152:GX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QD:GlRsZ47/QXoHUOfAoj1x6D
Behavioral task
behavioral1
Sample
mesh.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
meshagent
2
Loby
http://185.238.2.165:443/agent.ashx
-
mesh_id
0xC304DE15672331E487E49E54DC14A91A54E2B39D27EDD29EFD0E98B88B7BFC5C46C3E22343004DD24C90CEAD063B852F
-
server_id
EE7857EEA5D58F74B4D8AA483BBE05582840FCBCFBEFBDDA9A5B9F633E7AA89FE070CE509CE6982AE80FB3B6FF0C887A
-
wss
wss://185.238.2.165:443/agent.ashx
Targets
-
-
Target
mesh.bin
-
Size
3.3MB
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-