meshagent | f008fc2e067b86c81d0deaddecb9e055984621d95df8f3c141e42f229292dcf1 | Triage

Sharing

General

Target

2024-11-01_708c64063e1563cb9d02590f64378a88_ryuk_sliver
Size

3.3MB
Sample

241101-3h5elswgqh
MD5

708c64063e1563cb9d02590f64378a88
SHA1

c6d9fb8573d25a159db5e7034cb6aac73a389fa1
SHA256

f008fc2e067b86c81d0deaddecb9e055984621d95df8f3c141e42f229292dcf1
SHA512

1059e9273c179ab11c09c41f313652506293927ebd2f07b9b31651bfa419393c09f22eebab024d68e3696cfd5d707a7f7cb64ecb14523423d89ea425275df9c2
SSDEEP

49152:6X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QO:6lRsZ47/QXoHUOfAoj1x6O

Score

10^/10

meshagent tacticalrmm

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

TacticalRMM

C2

http://mesh.aodinfo.com:443/agent.ashx

Attributes

mesh_id
0x46C33C9D1C6F4BF2F210904C74DFF07D4057BC5F089171CFFA1F4C87F1F1FEDA62E85937EBC7EC20514967F4EE0245E4
server_id
A5B4B97EBAE17BFA08524157F3E390410F6ED55BE379BF1E504FDFD5A194C95569F6BC5F05F6890828922968252E130D
wss
wss://mesh.aodinfo.com:443/agent.ashx

Targets

- Target
  
  2024-11-01_708c64063e1563cb9d02590f64378a88_ryuk_sliver
- Size
  
  3.3MB
- MD5
  
  708c64063e1563cb9d02590f64378a88
- SHA1
  
  c6d9fb8573d25a159db5e7034cb6aac73a389fa1
- SHA256
  
  f008fc2e067b86c81d0deaddecb9e055984621d95df8f3c141e42f229292dcf1
- SHA512
  
  1059e9273c179ab11c09c41f313652506293927ebd2f07b9b31651bfa419393c09f22eebab024d68e3696cfd5d707a7f7cb64ecb14523423d89ea425275df9c2
- SSDEEP
  
  49152:6X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QO:6lRsZ47/QXoHUOfAoj1x6O
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

tacticalrmmmeshagent

behavioral1

behavioral2