Overview

overview

10

Static

static

10

2024-11-21...er.exe

windows7-x64

1

2024-11-21...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-11-21_c42c27b0df7e1339a097bb696b5e191c_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241121-m5x12ssbrr

  • MD5

    c42c27b0df7e1339a097bb696b5e191c

  • SHA1

    b4eabc56c143baef32247db9889af000e49d8685

  • SHA256

    08395a536245cc17951a3089920c5791c559a7f03db3aa392a57136995c0561f

  • SHA512

    954c8bfd1c94499e3767bf657dfb4e2e0e9eca549e5bdc471cb88b5b6cb95ce677c867c805a750aded826f196f8d9307a75aa0645e0d4819ba68556ab5db038c

  • SSDEEP

    49152:8f708gNcR9l5NyQB7q1AlgraPgDLDVXI2RXgGfX2kMFvfAw6dZ7Nueuxg5Ar:8+49lnyeG3D56gXm6Hqr

Score
10/10
meshagentмуниципальный архив

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Муниципальный Архив

C2

http://meshcent.its.ufanet.ru:443/agent.ashx

Attributes
  • mesh_id

    0x2C8C115332EBE8D0D012D0F6669887F848AD166766316AE1F5F9D16FE05C0FC33FCFB8D405AFD80DC71DE9C7601E4541

  • server_id

    92361DD62E17552490F9968C444EAF21618626EC916098B7A27028E3759BECFC00603247A5829F7E5F230D03F82213BF

  • wss

    wss://meshcent.its.ufanet.ru:443/agent.ashx

Targets

    • Target

      2024-11-21_c42c27b0df7e1339a097bb696b5e191c_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      c42c27b0df7e1339a097bb696b5e191c

    • SHA1

      b4eabc56c143baef32247db9889af000e49d8685

    • SHA256

      08395a536245cc17951a3089920c5791c559a7f03db3aa392a57136995c0561f

    • SHA512

      954c8bfd1c94499e3767bf657dfb4e2e0e9eca549e5bdc471cb88b5b6cb95ce677c867c805a750aded826f196f8d9307a75aa0645e0d4819ba68556ab5db038c

    • SSDEEP

      49152:8f708gNcR9l5NyQB7q1AlgraPgDLDVXI2RXgGfX2kMFvfAw6dZ7Nueuxg5Ar:8+49lnyeG3D56gXm6Hqr

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks