Overview

overview

10

Static

static

10

2024-11-04...er.exe

windows7-x64

1

2024-11-04...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-11-04_79d1ec620724c54d3dbe7e361dae114c_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241104-w4eyhstqdx

  • MD5

    79d1ec620724c54d3dbe7e361dae114c

  • SHA1

    976df2dc2dc1bcae9e809f8f91b1b2a5249d633c

  • SHA256

    fff7eed9a0788fab0e0b12acfaeeb8b87a779a195317708f64028b28308d36b0

  • SHA512

    0fc0c81b551e346540987c7ca7144caed55c40d866fd8fc447f933a5f183ec6d19cc6ddbcba0a3d3a7080e6ed775ad9739721e2e56cc26eeba15fe473a640b4f

  • SSDEEP

    49152:UX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qj:UlRsZ47/QXoHUOfAoj1x6j

Score
10/10
meshagenttacticalrmm

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

TacticalRMM

C2

http://mesh.cnec.br:443/agent.ashx

Attributes
  • mesh_id

    0x93AF0A512BD9A6A8A83D3B19BE6C9B5408966DE67EF9187EED7653C69933AB57A0724AC620435865FC7C5C7C6C66BA53

  • server_id

    B2F39EEC151EA6BAB3C8A8A3BAD39BC3D4C60C341AF7234CC21EF2F53195B2ABA65E23B24132046925BB0327560EE62A

  • wss

    wss://mesh.cnec.br:443/agent.ashx

Targets

    • Target

      2024-11-04_79d1ec620724c54d3dbe7e361dae114c_ryuk_sliver

    • Size

      3.3MB

    • MD5

      79d1ec620724c54d3dbe7e361dae114c

    • SHA1

      976df2dc2dc1bcae9e809f8f91b1b2a5249d633c

    • SHA256

      fff7eed9a0788fab0e0b12acfaeeb8b87a779a195317708f64028b28308d36b0

    • SHA512

      0fc0c81b551e346540987c7ca7144caed55c40d866fd8fc447f933a5f183ec6d19cc6ddbcba0a3d3a7080e6ed775ad9739721e2e56cc26eeba15fe473a640b4f

    • SSDEEP

      49152:UX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qj:UlRsZ47/QXoHUOfAoj1x6j

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks