Overview

overview

10

Static

static

10

2024-10-25...er.exe

windows7-x64

1

2024-10-25...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-10-25_8038807a6b318adaa31a5cfceb0ef0e6_ryuk_sliver

  • Size

    3.5MB

  • Sample

    241025-pte27szgkk

  • MD5

    8038807a6b318adaa31a5cfceb0ef0e6

  • SHA1

    659b91c985d93524f112fecc3269bd705da4651b

  • SHA256

    ac198abaa4c1ab17238957e73adfd7c191e971d96c8e953cae8baab4bf5c3aff

  • SHA512

    5362be63f9e301fa399b9952f43fc9e0f6242017100b1b1d7b9014f1125c664ed1f18522b9e76ae1dfe88ffd2964b2b3853ed98db33afac4a6a1a315b0699ff0

  • SSDEEP

    49152:UX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQeN5jaRo:UlRsZ47/QXoHUOfAoj1A5t

Score
10/10
meshagentальянс-юг pc

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Альянс-ЮГ PC

C2

http://ssl.netenv.icu:443/agent.ashx

Attributes
  • mesh_id

    0x68F15CE54A4B2D4851B8436DEFCF7EB0E354F6A54AF1C589CC61BE6753562D5F810859A76AE635B36D9B96AF4014CA4C

  • server_id

    774DF3F4D3F49858DEF06D4FFBF2A724D573CA6EF2EBFB6DC80F445D0C5F24C84E1EF8364AB19E6D7D1CE9FEA6BA2C66

  • wss

    wss://ssl.netenv.icu:443/agent.ashx

Targets

    • Target

      2024-10-25_8038807a6b318adaa31a5cfceb0ef0e6_ryuk_sliver

    • Size

      3.5MB

    • MD5

      8038807a6b318adaa31a5cfceb0ef0e6

    • SHA1

      659b91c985d93524f112fecc3269bd705da4651b

    • SHA256

      ac198abaa4c1ab17238957e73adfd7c191e971d96c8e953cae8baab4bf5c3aff

    • SHA512

      5362be63f9e301fa399b9952f43fc9e0f6242017100b1b1d7b9014f1125c664ed1f18522b9e76ae1dfe88ffd2964b2b3853ed98db33afac4a6a1a315b0699ff0

    • SSDEEP

      49152:UX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQeN5jaRo:UlRsZ47/QXoHUOfAoj1A5t

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks