General
Target: 2024-10-16_68e8247ae8c05552b0d5ee0208a49f2f_ryuk_sliver
Size: 3.3MB
Sample: 241016-xg5q4azdmj
MD5: 68e8247ae8c05552b0d5ee0208a49f2f
SHA1: 5e0e66e0d6777f71859c3656e3bb82b443f52b4e
SHA256: daa9dbcd16825428bdb4857f97f882a0102c58c79869273b7d37dda927e51062
SHA512: 24fc60451363dfc66f892634088705c847bb99c6bfc303b92da0b3b62220f8bea4f50d4f1dab7ebd526e9d7e3f83bae76dbaca04fa3e3237b5c8791c019770ea
SSDEEP: 49152:rX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QH:rlRsZ47/QXoHUOfAoj1x6H
Behavioral task: behavioral1
Sample: 2024-10-16_68e8247ae8c05552b0d5ee0208a49f2f_ryuk_sliver.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 2024-10-16_68e8247ae8c05552b0d5ee0208a49f2f_ryuk_sliver.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
meshagent
2
William Birdwell
http://remote.tech-realms.com:443/agent.ashx
mesh_id: 0xC8AFF3564C00C2737664BB4A9C80CCC09BD7AB4400AE45646E3301BFF84D283A0B03B43AB78C846EEA870F795FDA752B
server_id: 4AEEA465E88842CA26A8DC1450532F8ED148A195E130DFE9119E81383FDA470EA29A2C897F2B9937BCC35EC3481012B0
wss: wss://remote.tech-realms.com:443/agent.ashx
Targets
Target: 2024-10-16_68e8247ae8c05552b0d5ee0208a49f2f_ryuk_sliver
Size: 3.3MB
Score: 1/10