General

  • Target

    2024-10-19_261506951999e4e575117abeed1aeb15_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241019-a54sdayflr

  • MD5

    261506951999e4e575117abeed1aeb15

  • SHA1

    7cb37b699503ad575c78c4b286c0e1d4bcc40788

  • SHA256

    22c2cb2d4fc9f663c1cb06ec6ceed1a3008e2c50252d6382e34107256680501d

  • SHA512

    32feba7fc5f76f6c591917c89a3fd00c7ee1262951053438b8dcf77ae3a667af022b72908e39e2e8167906d696211475b1ac23b4d43ed2a1fa1fa55d0cfd3d7b

  • SSDEEP

    49152:Mf708gNcR9l5NyQB7q1AlgraPgDLDVXI2RXgGfX2kMFvfAw6dZ7Nueuxg5AB:M+49lnyeG3D56gXm6HqB

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Нефтекамский многопрофильный колледж (78146828UL))

C2

http://meshcent.its.ufanet.ru:443/agent.ashx

Attributes
  • mesh_id

    0xF64FF30CFE62BA36D9DF922C2A6AA82C996AA992CFBD193E3D0CEF148470C3B623F133A720390A4ABA9A6E002D1C3896

  • server_id

    92361DD62E17552490F9968C444EAF21618626EC916098B7A27028E3759BECFC00603247A5829F7E5F230D03F82213BF

  • wss

    wss://meshcent.its.ufanet.ru:443/agent.ashx

Targets

    • Target

      2024-10-19_261506951999e4e575117abeed1aeb15_ryuk_sliver

    Score
    1/10
