meshagent | 4fcc8bbe66c55b189084c1220fcd38a62fdc739aabb5a223c5b74d84a75b5411 | Triage

Resubmissions

24-10-2024 11:39

241024-nsbgyszdjm 10

24-10-2024 11:38

241024-nrtbdazcqq 10

Sharing

General

Target

Network Adapter Broker.exe
Size

3.5MB
Sample

241024-nrtbdazcqq
MD5

59273cf15077d41e6205d74898aa0eb7
SHA1

3c560ea0e4d4609de270768332f28f7bb718a7cf
SHA256

4fcc8bbe66c55b189084c1220fcd38a62fdc739aabb5a223c5b74d84a75b5411
SHA512

4ac5b807cea4e5c0bd306201b7c28de538cdc4ce944c57c757c33ba13d6f40ee405f30d1992c944921463c22fcfbcd1553a5b3dfa638705f7f61d5c92745ccfc
SSDEEP

24576:FAKABpHjCtWBrIN7GGRxkasEBrg8NwkePXlBIw9kBZ78gzOn4ae9ryq5kQcL7P:FA3D+UN3bEnwkePXlBaZ7EYr5kJv

Score

10^/10

meshagent agents

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Agents

C2

http://192.168.22.103:443/agent.ashx

Attributes

mesh_id
0xBB1227C2C5DBF5D22F9A9FAD3E22FA627FA00027B1498C77028683DDE4F7C266D262698C3E2580C2E6717E6DA0EDDDFE
server_id
0ECE9AA53A3AFECFCE435ABEE5D9E9F8224B00636C0CCC9F39E61F4BB30B1023F087634BEFB9D852CD99E86B5BA50B8E
wss
wss://192.168.22.103:443/agent.ashx

Targets

- Target
  
  Network Adapter Broker.exe
- Size
  
  3.5MB
- MD5
  
  59273cf15077d41e6205d74898aa0eb7
- SHA1
  
  3c560ea0e4d4609de270768332f28f7bb718a7cf
- SHA256
  
  4fcc8bbe66c55b189084c1220fcd38a62fdc739aabb5a223c5b74d84a75b5411
- SHA512
  
  4ac5b807cea4e5c0bd306201b7c28de538cdc4ce944c57c757c33ba13d6f40ee405f30d1992c944921463c22fcfbcd1553a5b3dfa638705f7f61d5c92745ccfc
- SSDEEP
  
  24576:FAKABpHjCtWBrIN7GGRxkasEBrg8NwkePXlBIw9kBZ78gzOn4ae9ryq5kQcL7P:FA3D+UN3bEnwkePXlBaZ7EYr5kJv
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

agentsmeshagent

behavioral1

behavioral2