General

  • Target

    2024-10-28_9bc78d3453e3e33b792e1a7343d3e8c2_ryuk_sliver

  • Size

    3.4MB

  • Sample

    241028-rwzkqs1hlk

  • MD5

    9bc78d3453e3e33b792e1a7343d3e8c2

  • SHA1

    74491faefe3b8b068c752054a64a5d2d3d96a038

  • SHA256

    e132fe4870fdce566011797a18df9590a70e9fd988df95afb9b00b5bf7792938

  • SHA512

    213e26632cd94c4ec094ecc0cb26b713caf328c558e3a96377dfafc21664dff8bfe27b6e1c886aa5a2cd2dd4dcce35eb708c6658e5c1f93f518e1b3884448838

  • SSDEEP

    49152:jX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe55bfxk:jlRsZ47/QXoHUOfAoj1gxfW

Score
10/10

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

MGM

C2

http://m.w3k.io:443/agent.ashx

Attributes
  • mesh_id

    0x36155795B92FE848899CE916D9C8D3EFDB9B4E4904350C79B875682165AEB28FCB75304213383908145905254841B3CC

  • server_id

    B2EC70546B43CF1D1137B8FCF6B9C267BA53725DDDD8A1254A749BB9306C7FA1C2E923D314FAA4A25550CAA2B23F9084

  • wss

    wss://m.w3k.io:443/agent.ashx

Targets

    • Target

      2024-10-28_9bc78d3453e3e33b792e1a7343d3e8c2_ryuk_sliver

    Score
    1/10
