Overview

overview

10

Static

static

10

2024-11-02...er.exe

windows7-x64

1

2024-11-02...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-11-02_06f1c3c24c8f2568a33c22e5ffb2b405_ryuk_sliver

  • Size

    3.2MB

  • Sample

    241102-ez24taxmdy

  • MD5

    06f1c3c24c8f2568a33c22e5ffb2b405

  • SHA1

    d14dbd6e6c1d3a4ceb513bc11b3730ed733a88d2

  • SHA256

    c85f73aa3244579f5b3539ecdea315d47538c0f80d7e641c076344a320fb63ed

  • SHA512

    e8f34bc85256689e8a349ed7f6b7922030ef5b2c821c9007db960488d75f9414d16cf11c5ec369c6ba87a943c1e22db8979000db61a21c62af83fe7e92d46bd5

  • SSDEEP

    49152:Z6Fva8Z3jsWlwddWq2qWDtywom4cVmxvAxLz/BViY36MFvf+QRQ0e11UOrdR852f:M7jxNqP/GmIzv3JQjv8Qf

Score
10/10
meshagentarc

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

ARC

C2

http://vallita.sytes.net:443/agent.ashx

Attributes
  • mesh_id

    0x8EFFBAB925D7FB2F2AD9FA9EB4DF394A9DC632A446A74E469856010433B651DE0B53DE06A05699CB97AF4F08D5C65F2B

  • server_id

    2AE09BE11233539702A3F465339E13E21A13A935D2D2B6515A68238AB5580120814B289ED2CEC0157D5DE31871AC200F

  • wss

    wss://vallita.sytes.net:443/agent.ashx

Targets

    • Target

      2024-11-02_06f1c3c24c8f2568a33c22e5ffb2b405_ryuk_sliver

    • Size

      3.2MB

    • MD5

      06f1c3c24c8f2568a33c22e5ffb2b405

    • SHA1

      d14dbd6e6c1d3a4ceb513bc11b3730ed733a88d2

    • SHA256

      c85f73aa3244579f5b3539ecdea315d47538c0f80d7e641c076344a320fb63ed

    • SHA512

      e8f34bc85256689e8a349ed7f6b7922030ef5b2c821c9007db960488d75f9414d16cf11c5ec369c6ba87a943c1e22db8979000db61a21c62af83fe7e92d46bd5

    • SSDEEP

      49152:Z6Fva8Z3jsWlwddWq2qWDtywom4cVmxvAxLz/BViY36MFvf+QRQ0e11UOrdR852f:M7jxNqP/GmIzv3JQjv8Qf

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks