General

  • Target

    2024-10-22_94edb1450da05482742e87a0f551953b_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241022-3m7qjazepd

  • MD5

    94edb1450da05482742e87a0f551953b

  • SHA1

    b83c27fe54c6c8ea40f7c499aedba6fb7b66be30

  • SHA256

    da98b3869d8b00f6c1fe443675fa65d8c504f169dd9f0e9c4010b7689e974380

  • SHA512

    61eac2968807ff0335094030cdb708cf00f54e6a23d84468184cb23422a2d109fa42f9f098439b839506033e4136e0f71030889bdef13de0529f9f518a80d919

  • SSDEEP

    49152:vX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQet5B:vlRsZ47/QXoHUOfAoj14T

Score
10/10

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Pune

C2

http://remoteshare.in:443/agent.ashx

Attributes
  • mesh_id

    0x147D947C67896CBFA9A9DD3C314B5B726E85BA27E6DB2682C74EA268857DB84B65C4A83007E038189CE7D705C5B4A4BD

  • server_id

    C548A56198204AA58B1B935B7C94DEC937F526F4D95BA9A934173D49C789C88C656BEC078BE602DD32033D07A44BF5E2

  • wss

    wss://remoteshare.in:443/agent.ashx

Targets

    • Target

      2024-10-22_94edb1450da05482742e87a0f551953b_ryuk_sliver

    Score
    1/10
