meshagent | 48c21354fe98e675a0b27ea392a2d0276bb3b86e60475e353754adb4ab2e2f7e | Triage

Sharing

General

Target

48c21354fe98e675a0b27ea392a2d0276bb3b86e60475e353754adb4ab2e2f7eN
Size

3.3MB
Sample

241027-thlstsxkc1
MD5

9818fd3556373553ea7dce4fd3843cb0
SHA1

278b054395cfb42ee46c17cf6030eb0d2e6ae90a
SHA256

48c21354fe98e675a0b27ea392a2d0276bb3b86e60475e353754adb4ab2e2f7e
SHA512

1e4a31699e7bc5b99572e5d281ca1c74eaf04607532506844534ef4a112dd84bcfe9265c81ecedb7f268e13aaeee80c7c628010945b9c6820e02582855fd3be6
SSDEEP

49152:tX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qm:tlRsZ47/QXoHUOfAoj1x6m

Score

10^/10

meshagent tacticalrmm

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

TacticalRMM

C2

http://mesh.trmmigorkot.com:443/agent.ashx

Attributes

mesh_id
0xF59C1C86B92F5161A9477878642DF262A14D151A8640B066CE197C8619FB3544DC1EC44C8F866D6F16FE5BFE84B39120
server_id
6C875EDDDAA3D9918BE7E92B460515E05D310AE677557DC07B1B141BBDB2DC85BCF0E2F56A4295FD5D7F381D859BD4FF
wss
wss://mesh.trmmigorkot.com:443/agent.ashx

Targets

- Target
  
  48c21354fe98e675a0b27ea392a2d0276bb3b86e60475e353754adb4ab2e2f7eN
- Size
  
  3.3MB
- MD5
  
  9818fd3556373553ea7dce4fd3843cb0
- SHA1
  
  278b054395cfb42ee46c17cf6030eb0d2e6ae90a
- SHA256
  
  48c21354fe98e675a0b27ea392a2d0276bb3b86e60475e353754adb4ab2e2f7e
- SHA512
  
  1e4a31699e7bc5b99572e5d281ca1c74eaf04607532506844534ef4a112dd84bcfe9265c81ecedb7f268e13aaeee80c7c628010945b9c6820e02582855fd3be6
- SSDEEP
  
  49152:tX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qm:tlRsZ47/QXoHUOfAoj1x6m
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

tacticalrmmmeshagent

behavioral1

behavioral2