General
-
Target
2024-11-22_656dc51440dc6eb772c4d748e2dbcbc6_ismagent_ryuk
-
Size
3.3MB
-
Sample
241122-yqe3gaxpaz
-
MD5
656dc51440dc6eb772c4d748e2dbcbc6
-
SHA1
55deb58521c6a675c220cbad8ec13df796789557
-
SHA256
75b5de41fc720648252d75b1a8e717e4585ce0ac256b8288f3fcbde8224c4062
-
SHA512
b9289e8b3cfebce1b55189a8281bc7eeaf457c9da661e858381ca8c137353c716d22087235bd20b9cb8adebe480320117e0fbabfc4df0ac21e54c78aa26fcec5
-
SSDEEP
49152:aX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poDMFvfuJ1kZ79bjHQeq5Pb:alRsZ47/QXoHUOfAoz1Lxb
Behavioral task
behavioral1
Sample
2024-11-22_656dc51440dc6eb772c4d748e2dbcbc6_ismagent_ryuk.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2024-11-22_656dc51440dc6eb772c4d748e2dbcbc6_ismagent_ryuk.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
meshagent
2
milford.local\Administrator;!pUb]w5m{dcR!PS5
http://193.46.255.73:443/agent.ashx
-
mesh_id
0x1BB8AD1663F202EB7C6DF4CCC6A0180FC79443F53DF36DF72D67BCCD9F34D39D465145AB6E76B3303C35C9731AE22375
-
server_id
38C87A59D8DA58C7A7F12A7830D25E5D849272811E90124F6A4059C3EB86F2BFA6C9C793837901C5639BC53239220AA0
-
wss
wss://193.46.255.73:443/agent.ashx
Targets
-
-
Target
2024-11-22_656dc51440dc6eb772c4d748e2dbcbc6_ismagent_ryuk
-
Size
3.3MB
-
MD5
656dc51440dc6eb772c4d748e2dbcbc6
-
SHA1
55deb58521c6a675c220cbad8ec13df796789557
-
SHA256
75b5de41fc720648252d75b1a8e717e4585ce0ac256b8288f3fcbde8224c4062
-
SHA512
b9289e8b3cfebce1b55189a8281bc7eeaf457c9da661e858381ca8c137353c716d22087235bd20b9cb8adebe480320117e0fbabfc4df0ac21e54c78aa26fcec5
-
SSDEEP
49152:aX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poDMFvfuJ1kZ79bjHQeq5Pb:alRsZ47/QXoHUOfAoz1Lxb
Score1/10 -