General
-
Target
2024-10-31_b64e2656407a5a31d1288fb93a167e99_ryuk_sliver
-
Size
3.3MB
-
Sample
241031-nhmggavrev
-
MD5
b64e2656407a5a31d1288fb93a167e99
-
SHA1
10d6a7ad6b515ecf7ff1b42c97c6dc5c7fb829dd
-
SHA256
a9b357c6b259432f2c199e0776b2dcc38255ed244519215ada0d4b457b86dd67
-
SHA512
36d5e5c709033c9e6646950dd24852e8a27e85b5ed854abbda7471f6793ffc8ab08ef697abb365b12d9ab476bfe7b7301e344bad7d4cb34cfebff1251e62375f
-
SSDEEP
49152:SX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qm:SlRsZ47/QXoHUOfAoj1x6m
Behavioral task
behavioral1
Sample
2024-10-31_b64e2656407a5a31d1288fb93a167e99_ryuk_sliver.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2024-10-31_b64e2656407a5a31d1288fb93a167e99_ryuk_sliver.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
meshagent
2
1
http://192.168.56.21:443/agent.ashx
-
mesh_id
0x1B2082BB6BBA1F9B1A90BEDEB890E072DB08F963C2AD21A3A0A8C3EBB6E5D0D0740249731749DD00C0F805A6E43C6AC3
-
server_id
95DDE9FE4B015BE4A2B0E37CB71C1F7EF96277E89148AB41BBAD292D6F1CD08D9E0D143CA7530AA6EA4D01D07A2ABEEE
-
wss
wss://192.168.56.21:443/agent.ashx
Targets
-
-
Target
2024-10-31_b64e2656407a5a31d1288fb93a167e99_ryuk_sliver
Score
1/10