Overview

overview

10

Static

static

10

2024-11-19...er.exe

windows7-x64

1

2024-11-19...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-11-19_1ecd49307abf590b3d7284ae1cea768e_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241119-srwhysycjr

  • MD5

    1ecd49307abf590b3d7284ae1cea768e

  • SHA1

    2a925408935735f5c66d2cd4d3ef1794288dcf7c

  • SHA256

    017f485077a0fc7d1bd47c936dc4b501a2676bf9e5914e451a88b5305cd33ef7

  • SHA512

    f4492180a63a00a5232c0d2add3753a332fa4eea50d859aaf3548067b556876b7f2b518911d97bbb4b2a816b1c66d482d40dcf05955dc00b44467bb837adcd90

  • SSDEEP

    49152:HX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe15g/:HlRsZ47/QXoHUOfAoj1gO

Score
10/10
meshagenttest

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

TEST

C2

http://samcerts.com:443/agent.ashx

Attributes
  • mesh_id

    0xF6C00B2E901DEB05DE5B716C5B45369C83F7E1417A2F743B807FE351D432184AA4A6CDD67542AEE46A5DE2346D83F3AC

  • server_id

    AB607DA22C84B90777D9A9334D7B3D96C2CB1E57103C72481576A4F3BC3EE4C75F6DD6C91DF74A93EC9390708F351594

  • wss

    wss://samcerts.com:443/agent.ashx

Targets

    • Target

      2024-11-19_1ecd49307abf590b3d7284ae1cea768e_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      1ecd49307abf590b3d7284ae1cea768e

    • SHA1

      2a925408935735f5c66d2cd4d3ef1794288dcf7c

    • SHA256

      017f485077a0fc7d1bd47c936dc4b501a2676bf9e5914e451a88b5305cd33ef7

    • SHA512

      f4492180a63a00a5232c0d2add3753a332fa4eea50d859aaf3548067b556876b7f2b518911d97bbb4b2a816b1c66d482d40dcf05955dc00b44467bb837adcd90

    • SSDEEP

      49152:HX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe15g/:HlRsZ47/QXoHUOfAoj1gO

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks