General
Target: 2024-11-21_a1f56d48defdd54afc0e1b2b1c496ad2_ismagent_ryuk_sliver
Size: 3.3MB
Sample: 241121-lmldvszhlg
MD5: a1f56d48defdd54afc0e1b2b1c496ad2
SHA1: fd5623f3f7fa97811af5e05277df8979f42344c6
SHA256: 988b3ecfe8ac2442f564b9f79593c95cd55c37cdc60d8e7cb0e697f67fc11aaf
SHA512: 5b4348460c9c317367dd67dbf7217cb84e1877083497f61c49a3b30599c28c3347b0cdd12353b6127d83153870ec9d9d38f8d4efe1529475d9b065e743d6ad93
SSDEEP: 49152:rX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Q3n:rlRsZ47/QXoHUOfAoj1x63
Behavioral task: behavioral1
Sample: 2024-11-21_a1f56d48defdd54afc0e1b2b1c496ad2_ismagent_ryuk_sliver.exe
Resource: win7-20241023-en
Behavioral task: behavioral2
Sample: 2024-11-21_a1f56d48defdd54afc0e1b2b1c496ad2_ismagent_ryuk_sliver.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
meshagent
2
TacticalRMM
http://mesh.et.com.na:443/agent.ashx
mesh_id: 0x6DDCDE89FBFA8D1C7B48D0E162B0FFD4D834D81E22FE54D8A238AA4E38FDBEB3F598D5FD83B2FCFF4B358D64436FE606
server_id: 6CAD2F8319E47BED16394049E0AE9358528AE09A5F7D50A345FCE2683DE627017404DB14484C57E47E91CE8973C0BF8E
wss: wss://mesh.et.com.na:443/agent.ashx
Targets
Target: 2024-11-21_a1f56d48defdd54afc0e1b2b1c496ad2_ismagent_ryuk_sliver
Score: 1/10