General

  • Target

    2024-10-16_4e14f15ad5c9167df6854cdb8aa99ddf_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241016-gh9hnszepn

  • MD5

    4e14f15ad5c9167df6854cdb8aa99ddf

  • SHA1

    9927745f10d9303fe775012a8fc6b92b9bc6c96b

  • SHA256

    0a62e989c3d78d65e901c88b7d9f5b05ed87fb24a0d87a120ef1527b08b89ead

  • SHA512

    d49128f091e52592fbc2b49c2dbb6fe3aaebf704886a23c8d5816107d9d7eadb9cfac63760c03e6bd3ff0a7ea436df077eba073ec089d0aba89c0a1dbdc33bee

  • SSDEEP

    49152:LX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qi:LlRsZ47/QXoHUOfAoj1x6i

Score
10/10

Malware Config

Extracted

  • Family

    meshagent

  • Version

    2

  • Botnet

    Nighty

  • C2

    http://91.92.241.2:444/agent.ashx

Attributes
  • mesh_id

    0x2ECF43E814C5019717CFC2FCD8E6A4FE0E555B492B3051679D12B3704627192DB54BBE506FA471FE940811083DA3C030

  • server_id

    7DC5DF9B3D8A1810E05A3234FA4E8F2979CB3592C93462DC63E7ED03524080B0147C79372E50E3199C0C2D4C3813CFAA

  • wss

    wss://91.92.241.2:444/agent.ashx

Targets

    • Target

      2024-10-16_4e14f15ad5c9167df6854cdb8aa99ddf_ryuk_sliver

    Score
    1/10
