Overview

overview

10

Static

static

10

2024-11-09...er.exe

windows7-x64

1

2024-11-09...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-11-09_9c3de7192e8ed1f42790bee4b5356786_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241109-lknq7ssckr

  • MD5

    9c3de7192e8ed1f42790bee4b5356786

  • SHA1

    5272b834e29e03c3c807aa2b6140c8180d1dc288

  • SHA256

    6dfd22ca602fee5740548b2d61a54e224b790acfa3b412259790145566b52671

  • SHA512

    41b59e32c8bc7240cf7ae415602a9e4d1d4e4b516bb35f3d09de1d2a87fa2a1f405cf30a4f797879188ea06026716426d383c65d237b68dd43ed96bc04093b8f

  • SSDEEP

    49152:rX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qu:rlRsZ47/QXoHUOfAoj1x6u

Score
10/10
meshagentэкраны [email protected]

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

ЭКРАНЫ [email protected]

C2

http://benitolocker.pro:443/agent.ashx

Attributes
  • mesh_id

    0x897E795841602252459589333562CBDFEF7AB2DA42DB998093A5AEC5956DB6A5FEE38EE870AD5D0E130BC0A432790D98

  • server_id

    1D4D11E707A7D5FA47BFB4705F74843B96142CDB21117F5A3F5234811772E225E16EBCE327C6F43112BF2E84F9D71D7D

  • wss

    wss://benitolocker.pro:443/agent.ashx

Targets

    • Target

      2024-11-09_9c3de7192e8ed1f42790bee4b5356786_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      9c3de7192e8ed1f42790bee4b5356786

    • SHA1

      5272b834e29e03c3c807aa2b6140c8180d1dc288

    • SHA256

      6dfd22ca602fee5740548b2d61a54e224b790acfa3b412259790145566b52671

    • SHA512

      41b59e32c8bc7240cf7ae415602a9e4d1d4e4b516bb35f3d09de1d2a87fa2a1f405cf30a4f797879188ea06026716426d383c65d237b68dd43ed96bc04093b8f

    • SSDEEP

      49152:rX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qu:rlRsZ47/QXoHUOfAoj1x6u

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks