Overview

overview

10

Static

static

10

2024-11-02...er.exe

windows7-x64

1

2024-11-02...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-11-02_42b8b61287692f8edcc5bf9dce34c7a8_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241102-fgg7cszcpm

  • MD5

    42b8b61287692f8edcc5bf9dce34c7a8

  • SHA1

    f0b3a17980530af4f6272abb308414fce558c765

  • SHA256

    835e2f2f25426291e5ad99b4ceea36ce373348e29b136a672d24124fb582abc9

  • SHA512

    f63557791f157d06ebbd5635da094efdcfbdab45a6b2df9d26513c451cc981ab4f3279e83199959275fd8bac98b90a28a42c52ed0876f844a547188b1de4c7bb

  • SSDEEP

    49152:1X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Q7:1lRsZ47/QXoHUOfAoj1x67

Score
10/10
meshagentnew

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

NEW

C2

http://mc.3citech.com:443/agent.ashx

Attributes
  • mesh_id

    0x1810049067ED2F95AF16088229A7CF613C4D50E7E259AEAAAB07767FA301379921A6276C5EA4BF646983AE537C6D214B

  • server_id

    0F97709F81164EA5C2AF853543A0A3717ABB90733B7947BC21FFAEA0BCC388833C6F5B952305BD3A04F86CE82E008CA2

  • wss

    wss://mc.3citech.com:443/agent.ashx

Targets

    • Target

      2024-11-02_42b8b61287692f8edcc5bf9dce34c7a8_ryuk_sliver

    • Size

      3.3MB

    • MD5

      42b8b61287692f8edcc5bf9dce34c7a8

    • SHA1

      f0b3a17980530af4f6272abb308414fce558c765

    • SHA256

      835e2f2f25426291e5ad99b4ceea36ce373348e29b136a672d24124fb582abc9

    • SHA512

      f63557791f157d06ebbd5635da094efdcfbdab45a6b2df9d26513c451cc981ab4f3279e83199959275fd8bac98b90a28a42c52ed0876f844a547188b1de4c7bb

    • SSDEEP

      49152:1X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Q7:1lRsZ47/QXoHUOfAoj1x67

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks