Overview

overview

10

Static

static

10

2024-11-06...er.exe

windows7-x64

1

2024-11-06...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-11-06_7b16cf146e2b32301c644b72240e6b9a_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241106-fnbm6atrbs

  • MD5

    7b16cf146e2b32301c644b72240e6b9a

  • SHA1

    913a4adeb73bd14f7d3eafff249fa0046b5e992d

  • SHA256

    5cd40c36c37580521978368b6622e3b177d26bfa4ea43fca023be90f7443be0b

  • SHA512

    edb29bb6298c4a17b454eb2d04a086b54d117827005b34542fe17d4b2625f5e83937da147407a12d12631dea09835120286106fc0122aee09cce31c3ad3aeca7

  • SSDEEP

    49152:oX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQeW50:olRsZ47/QXoHUOfAoj1Lm

Score
10/10
meshagentx86

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

x86

C2

http://001002003004005006007008009010011012013014015016017018019030.svhosts.cfd:443/agent.

Attributes
  • mesh_id

    0x9E4C12CEF1043985184B37A0760463C176885CCB5853A76ABEBEF384B6FB5ECC83ACCA902A4237C470E0F5F1AA8A6337

  • server_id

    7C02AE770B233B4D8B5AF988A98FA838481F94CD7C8B030FA61921A1E842FAC0956E9D9902633725896CB9DE6048719D

  • wss

    wss://001002003004005006007008009010011012013014015016017018019030.svhosts.cfd:443/agent.

Targets

    • Target

      2024-11-06_7b16cf146e2b32301c644b72240e6b9a_ryuk_sliver

    • Size

      3.3MB

    • MD5

      7b16cf146e2b32301c644b72240e6b9a

    • SHA1

      913a4adeb73bd14f7d3eafff249fa0046b5e992d

    • SHA256

      5cd40c36c37580521978368b6622e3b177d26bfa4ea43fca023be90f7443be0b

    • SHA512

      edb29bb6298c4a17b454eb2d04a086b54d117827005b34542fe17d4b2625f5e83937da147407a12d12631dea09835120286106fc0122aee09cce31c3ad3aeca7

    • SSDEEP

      49152:oX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQeW50:olRsZ47/QXoHUOfAoj1Lm

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks