Overview

overview

10

Static

static

10

2024-11-06...er.exe

windows7-x64

1

2024-11-06...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-11-06_19dc9d8ab17fa5d9f75355f8c5cfa7d8_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241106-gmylzawdln

  • MD5

    19dc9d8ab17fa5d9f75355f8c5cfa7d8

  • SHA1

    a2eb8e035ff55d9cd900f6488feb6b035b9aaeaf

  • SHA256

    0a50f77b2af7f3c09f9a5e1dfdcf34451187c50f3ab867b4d8de05b84e9981de

  • SHA512

    a091b1a82ed4cbf209707e91eb932ea4008dc63b4a013397494f3f7423e3bf2e2f1a610d43171bcc0590d0bb8e4f82ee0da42a7223370535c97e0f72438a2bb4

  • SSDEEP

    49152:XX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQeW5i:XlRsZ47/QXoHUOfAoj1L0

Score
10/10
meshagentx86

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

x86

Attributes
  • mesh_id

    0x95CD9FC588F87576F7EC1995C18B67ABA47ABF0F4072CE43BB293DF47A8BD168993EFC168C880520DA5B7C9C128384C9

  • server_id

    F0B23615DDFD31E4766E01C2B8A3B178A4E4E6022F80C2D0FB7F8C181F7B49BB42917196FE3FC40C0456FA1CD2956210

  • wss

    localhost

Targets

    • Target

      2024-11-06_19dc9d8ab17fa5d9f75355f8c5cfa7d8_ryuk_sliver

    • Size

      3.3MB

    • MD5

      19dc9d8ab17fa5d9f75355f8c5cfa7d8

    • SHA1

      a2eb8e035ff55d9cd900f6488feb6b035b9aaeaf

    • SHA256

      0a50f77b2af7f3c09f9a5e1dfdcf34451187c50f3ab867b4d8de05b84e9981de

    • SHA512

      a091b1a82ed4cbf209707e91eb932ea4008dc63b4a013397494f3f7423e3bf2e2f1a610d43171bcc0590d0bb8e4f82ee0da42a7223370535c97e0f72438a2bb4

    • SSDEEP

      49152:XX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQeW5i:XlRsZ47/QXoHUOfAoj1L0

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks