Overview

overview

10

Static

static

10

2024-11-13...er.exe

windows7-x64

1

2024-11-13...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-11-13_4eaf393150bbaa3c90b1a18417493172_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241113-dzgmfavhrf

  • MD5

    4eaf393150bbaa3c90b1a18417493172

  • SHA1

    5e0dbc30075cb9a1b8b2a9ffda580b30d5ee6a4f

  • SHA256

    36fed4e4e6b2c07575dc9d8aa243196b61a378dd3b8933cd674e76464b3c0053

  • SHA512

    4e9974b78e2a7e46543aa2c707d438152b914727d69ae6a73571c20ef5143c480cdfaf559b09145c95666953bb54a17b152a2c4977bdf0322babf161b4c4e9cb

  • SSDEEP

    49152:AX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQej5l:AlRsZ47/QXoHUOfAoj1Cj

Score
10/10
meshagentapp

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

app

C2

http://112100200300342500600700834510120130144516017018019040.svstorems.online:443/agent.a

Attributes
  • mesh_id

    0xFD65C785BAFF16267018519DB1D71D5C7170CC42A06C8D67EA638900505712038E8F1C2F0BA4093525BE3366011DCC06

  • server_id

    AA26D56CC6FACC85ADD57D31A4A24C4F16CA4F16088BF5DACD99C4658DCB762D5FDD7B3924B80F1919DC4E9C55AE56D5

  • wss

    wss://112100200300342500600700834510120130144516017018019040.svstorems.online:443/agent.a

Targets

    • Target

      2024-11-13_4eaf393150bbaa3c90b1a18417493172_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      4eaf393150bbaa3c90b1a18417493172

    • SHA1

      5e0dbc30075cb9a1b8b2a9ffda580b30d5ee6a4f

    • SHA256

      36fed4e4e6b2c07575dc9d8aa243196b61a378dd3b8933cd674e76464b3c0053

    • SHA512

      4e9974b78e2a7e46543aa2c707d438152b914727d69ae6a73571c20ef5143c480cdfaf559b09145c95666953bb54a17b152a2c4977bdf0322babf161b4c4e9cb

    • SSDEEP

      49152:AX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQej5l:AlRsZ47/QXoHUOfAoj1Cj

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks