General

  • Target

    2024-10-23_67ea16ebf2386e2d2a95b6c5e7818bc9_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241023-v9rc3avbmm

  • MD5

    67ea16ebf2386e2d2a95b6c5e7818bc9

  • SHA1

    ecadd870220f2419b4eadb18e20848d6d4260c6e

  • SHA256

    9b2c5f16afb7672bf2cd8e161248bc0e2c0ef35ccbef23493c279a471b400188

  • SHA512

    4690d1dd5dbb512d62ab83d4f8e41fb14e04d0e59e92885bb14520c3fad238441dbb04208dbe7507bb51cc54f60af701f2a96c54dfc1ecd7fdfabc0a86b910a6

  • SSDEEP

    49152:uX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe/5F:ulRsZ47/QXoHUOfAoj1yv

Score
10/10

Malware Config

Extracted

  • Family

    meshagent

  • Version

    2

  • Botnet

    3.2.2

  • C2

    http://001002003004005006007008009010011012013014015016017018019030.newappstore.buzz:443/a

Attributes
  • mesh_id

    0x84203C68C35CD20584DB7CC5BD7F33E49E44CC6300690CE639A215DA70F3806E85524F48D17B7D6E5ECF630E8FD63927

  • server_id

    03FDA5F2B1374CC3E063CCCB0540ACB3684C788DA3236A40B9A8798F1A5C582BB1717D517C0B20FF8C94EB78A0021F1E

  • wss

    wss://001002003004005006007008009010011012013014015016017018019030.newappstore.buzz:443/a

Targets

    • Target

      2024-10-23_67ea16ebf2386e2d2a95b6c5e7818bc9_ryuk_sliver

    • Size

      3.3MB

    Score
    1/10
