General

  • Target

    2024-11-13_e90686fc03289172f29bcaf7bc7905fe_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241113-fhwfdazkdm

  • MD5

    e90686fc03289172f29bcaf7bc7905fe

  • SHA1

    5ca31bbdf80c0049c0ff9d3a4d8cbe83007cc4d7

  • SHA256

    18244fd16a0210e4d4ee3c1fefce64ae722271283bbf4aa337f93af67c68489a

  • SHA512

    90641b4090e53c8b51170fbc8f0e3e8f07bdd91231d85d53f3e04e7f94d08244da65241c059c5fab1cd832463ada375574d18b14b03f221480d86f752be192c0

  • SSDEEP

    49152:AX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ12Z7NAjHQej5Q:AlRsZ47/QXoHUOfAoj17a

Score
10/10

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

app

C2

http://112100200300342500600700834510120130144516017018019040.svstorems.online:443/agent.a

Attributes
  • mesh_id

    0xFD65C785BAFF16267018519DB1D71D5C7170CC42A06C8D67EA638900505712038E8F1C2F0BA4093525BE3366011DCC06

  • server_id

    AA26D56CC6FACC85ADD57D31A4A24C4F16CA4F16088BF5DACD99C4658DCB762D5FDD7B3924B80F1919DC4E9C55AE56D5

  • wss

    wss://112100200300342500600700834510120130144516017018019040.svstorems.online:443/agent.a

Targets

    • Target

      2024-11-13_e90686fc03289172f29bcaf7bc7905fe_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      e90686fc03289172f29bcaf7bc7905fe

    • SHA1

      5ca31bbdf80c0049c0ff9d3a4d8cbe83007cc4d7

    • SHA256

      18244fd16a0210e4d4ee3c1fefce64ae722271283bbf4aa337f93af67c68489a

    • SHA512

      90641b4090e53c8b51170fbc8f0e3e8f07bdd91231d85d53f3e04e7f94d08244da65241c059c5fab1cd832463ada375574d18b14b03f221480d86f752be192c0

    • SSDEEP

      49152:AX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ12Z7NAjHQej5Q:AlRsZ47/QXoHUOfAoj17a

    Score
    1/10

MITRE ATT&CK Matrix

Tasks