Overview

overview

10

Static

static

10

2024-11-02...er.exe

windows7-x64

1

2024-11-02...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-11-02_518e513dbf70266a2f53569408abf60a_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241102-jpvzzaslcj

  • MD5

    518e513dbf70266a2f53569408abf60a

  • SHA1

    7669020254c48b425e18c844e5251ba13f1eaa48

  • SHA256

    d6c355937d2a857eded02b4920bad9df33d77b4c4f421c2a58aa52db605783ec

  • SHA512

    818cce755f55d28624a8606fbb115204d8e4d7e9ac8e7538979ebeea393c2dd63ac06b08c1850ea1734a390aefb93ade73148a80d2a57090f85381171e240278

  • SSDEEP

    49152:df708gNcR9l5NyQB7q1AlgraPgDLDVXI2RXgGfX2kMFvfAw6dZ7Nueuxg5AQ:d+49lnyeG3D56gXm6HqQ

Score
10/10
meshagentvar_garden

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

VAR_GARDEN

C2

http://s3.itsx.ru:443/agent.ashx

Attributes
  • mesh_id

    0x1FE5012AAF9F2A813250F94BB87EEDAD12E388F4CD5BF5795F6E2CA8AA23E2D1C7D24C650FF0D8D596D45C8D8837CDE6

  • server_id

    C6F9B02DCDCA85B9C0000E62B598BA934C54535944B91A4FA78653430A6ABE422DF31C7C85486A3269D5F4CAF267B22E

  • wss

    wss://s3.itsx.ru:443/agent.ashx

Targets

    • Target

      2024-11-02_518e513dbf70266a2f53569408abf60a_ryuk_sliver

    • Size

      3.3MB

    • MD5

      518e513dbf70266a2f53569408abf60a

    • SHA1

      7669020254c48b425e18c844e5251ba13f1eaa48

    • SHA256

      d6c355937d2a857eded02b4920bad9df33d77b4c4f421c2a58aa52db605783ec

    • SHA512

      818cce755f55d28624a8606fbb115204d8e4d7e9ac8e7538979ebeea393c2dd63ac06b08c1850ea1734a390aefb93ade73148a80d2a57090f85381171e240278

    • SSDEEP

      49152:df708gNcR9l5NyQB7q1AlgraPgDLDVXI2RXgGfX2kMFvfAw6dZ7Nueuxg5AQ:d+49lnyeG3D56gXm6HqQ

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks