General

  • Target

    2024-11-21_a1f56d48defdd54afc0e1b2b1c496ad2_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241121-lmldvszhlg

  • MD5

    a1f56d48defdd54afc0e1b2b1c496ad2

  • SHA1

    fd5623f3f7fa97811af5e05277df8979f42344c6

  • SHA256

    988b3ecfe8ac2442f564b9f79593c95cd55c37cdc60d8e7cb0e697f67fc11aaf

  • SHA512

    5b4348460c9c317367dd67dbf7217cb84e1877083497f61c49a3b30599c28c3347b0cdd12353b6127d83153870ec9d9d38f8d4efe1529475d9b065e743d6ad93

  • SSDEEP

    49152:rX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Q3n:rlRsZ47/QXoHUOfAoj1x63

Score
10/10

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

TacticalRMM

C2

http://mesh.et.com.na:443/agent.ashx

Attributes
  • mesh_id

    0x6DDCDE89FBFA8D1C7B48D0E162B0FFD4D834D81E22FE54D8A238AA4E38FDBEB3F598D5FD83B2FCFF4B358D64436FE606

  • server_id

    6CAD2F8319E47BED16394049E0AE9358528AE09A5F7D50A345FCE2683DE627017404DB14484C57E47E91CE8973C0BF8E

  • wss

    wss://mesh.et.com.na:443/agent.ashx

Targets

    • Target

      2024-11-21_a1f56d48defdd54afc0e1b2b1c496ad2_ismagent_ryuk_sliver

    Score
    1/10
