meshagent | ab0eb82d177948afe4a727c29db9e0daf1918269cb4b58186d663ade7b14cdd6 | Triage

Sharing

General

Target

2024-11-01_04b62ecf0c4d3fb02c102d0fa79d6be7_ryuk_sliver
Size

3.3MB
Sample

241101-lkw3kszdjj
MD5

04b62ecf0c4d3fb02c102d0fa79d6be7
SHA1

a49b65a93e8a8b1199131f7ec462450c7f4aa277
SHA256

ab0eb82d177948afe4a727c29db9e0daf1918269cb4b58186d663ade7b14cdd6
SHA512

0aed58d5d175ac2245fbe28de555d430bbbc27b47260446689b44099af1bcc5cf6dd809332f73208bb45a8d21744c2feab5da31580fe37b23e671b9ce76f5934
SSDEEP

49152:if708gNcR9l5NyQB7q1AlgraPgDLDVXI2RXgGfX2kMFvfAw6dZ7Nueuxg5A+:i+49lnyeG3D56gXm6Hq+

Score

10^/10

meshagent follow-up

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

follow-up

Attributes

mesh_id
0x383DAD73A694BDD118E6B9F9E3F944A9D3BE4E8E11FA2C9ED4931604D80AD153003CEFED28CAA2C076B732079D486EF2
server_id
2CCE6CFAA407729E6CE60960D1CBA29EFEC0F2DEFF8FAD250AFDDB9513B9A2C211955CA2136F14F7079E1240BE0926EA
wss
localhost

Targets

- Target
  
  2024-11-01_04b62ecf0c4d3fb02c102d0fa79d6be7_ryuk_sliver
- Size
  
  3.3MB
- MD5
  
  04b62ecf0c4d3fb02c102d0fa79d6be7
- SHA1
  
  a49b65a93e8a8b1199131f7ec462450c7f4aa277
- SHA256
  
  ab0eb82d177948afe4a727c29db9e0daf1918269cb4b58186d663ade7b14cdd6
- SHA512
  
  0aed58d5d175ac2245fbe28de555d430bbbc27b47260446689b44099af1bcc5cf6dd809332f73208bb45a8d21744c2feab5da31580fe37b23e671b9ce76f5934
- SSDEEP
  
  49152:if708gNcR9l5NyQB7q1AlgraPgDLDVXI2RXgGfX2kMFvfAw6dZ7Nueuxg5A+:i+49lnyeG3D56gXm6Hq+
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

follow-upmeshagent

behavioral1

behavioral2