meshagent | eebd6f7e099a468df3924286ba6d2ec2b0f4e42b35486ae3aa3bf795d4bfe7b0 | Triage

Sharing

General

Target

2024-10-24_c6b6158186de0abbdfebd2a97843a060_ryuk_sliver
Size

3.4MB
Sample

241024-b2s25sydjd
MD5

c6b6158186de0abbdfebd2a97843a060
SHA1

d78078b659c14421097de05ea8d57c3528515705
SHA256

eebd6f7e099a468df3924286ba6d2ec2b0f4e42b35486ae3aa3bf795d4bfe7b0
SHA512

7060ab7b9ea0474f3154ad8d1beb555751160221c070666fc5e6da1e5ab2982c2d7b9977b24f67c5a8ce09743dfae4db381b0441c6f89d0f9ccd6e9bbb9ba3ea
SSDEEP

49152:mX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQeN5Pv:mlRsZ47/QXoHUOfAoj1Mt

Score

10^/10

meshagent дорстрой рнд

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Дорстрой РнД

C2

http://mc.ininform.ru:443/agent.ashx

Attributes

mesh_id
0x0D0B98FFD41FF6F06416E872A219E62ABBDA90A5702F61F69E4DEC93086EEC1DDC2A4E25FA8BE6F9243B8D25D909459A
server_id
A7981104AA9754FFA09FD49CB40717D2D8C4E770BF960B3907F2A61907B412226E78EFFEA1240F169FFBE9959C55FBEB
wss
wss://mc.ininform.ru:443/agent.ashx

Targets

- Target
  
  2024-10-24_c6b6158186de0abbdfebd2a97843a060_ryuk_sliver
- Size
  
  3.4MB
- MD5
  
  c6b6158186de0abbdfebd2a97843a060
- SHA1
  
  d78078b659c14421097de05ea8d57c3528515705
- SHA256
  
  eebd6f7e099a468df3924286ba6d2ec2b0f4e42b35486ae3aa3bf795d4bfe7b0
- SHA512
  
  7060ab7b9ea0474f3154ad8d1beb555751160221c070666fc5e6da1e5ab2982c2d7b9977b24f67c5a8ce09743dfae4db381b0441c6f89d0f9ccd6e9bbb9ba3ea
- SSDEEP
  
  49152:mX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQeN5Pv:mlRsZ47/QXoHUOfAoj1Mt
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

дорстрой рндmeshagent

behavioral1

behavioral2