meshagent | 220e75915a61d6430f99cf044547122ba7ba7b1195d8ed125d1afee46a5c37d3 | Triage

Sharing

General

Target

2024-11-11_a088c65c6ef00c03f7cfe25a243adbbf_ismagent_ryuk_sliver
Size

3.3MB
Sample

241111-c1v1satpfk
MD5

a088c65c6ef00c03f7cfe25a243adbbf
SHA1

dacb417d275635d350eff0bd356e79d194d2727a
SHA256

220e75915a61d6430f99cf044547122ba7ba7b1195d8ed125d1afee46a5c37d3
SHA512

2bf2ee518cf5337519c664316c5fed236878ebb70fed0ae249e0b4bf77d3340914900d12694cdafb3a9898de5320c18d9e72e7529328a330565d87ba508316f0
SSDEEP

49152:2X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qf:2lRsZ47/QXoHUOfAoj1x6f

Score

10^/10

meshagent tacticalrmm

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

TacticalRMM

C2

http://mesh.tactical-rts.com:443/agent.ashx

Attributes

mesh_id
0x6EADD4E5A204E1910C5EEBFEC9B5E042B3AD57D094388EA295B36957C21050DBD521F9D84E4E852A5A69601ED0EFEC6D
server_id
F71BCC09D639594F1DEE85019C5C14E282283BFA55BE0E516BA0A38F6BCAE483BA45F814EFE85B7CD97C7D155A026567
wss
wss://mesh.tactical-rts.com:443/agent.ashx

Targets

- Target
  
  2024-11-11_a088c65c6ef00c03f7cfe25a243adbbf_ismagent_ryuk_sliver
- Size
  
  3.3MB
- MD5
  
  a088c65c6ef00c03f7cfe25a243adbbf
- SHA1
  
  dacb417d275635d350eff0bd356e79d194d2727a
- SHA256
  
  220e75915a61d6430f99cf044547122ba7ba7b1195d8ed125d1afee46a5c37d3
- SHA512
  
  2bf2ee518cf5337519c664316c5fed236878ebb70fed0ae249e0b4bf77d3340914900d12694cdafb3a9898de5320c18d9e72e7529328a330565d87ba508316f0
- SSDEEP
  
  49152:2X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qf:2lRsZ47/QXoHUOfAoj1x6f
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

tacticalrmmmeshagent

behavioral1

behavioral2