Overview

overview

10

Static

static

10

2024-11-24...er.exe

windows7-x64

1

2024-11-24...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-11-24_2e435cff60645602695b96f9923ed43e_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241124-x7grys1ndj

  • MD5

    2e435cff60645602695b96f9923ed43e

  • SHA1

    91eb15648f5f6dd0468011230862cc5e54776fcc

  • SHA256

    20b084b57eb03cf023039459ddbd3850b9956c50c5315d99954a727023adadbd

  • SHA512

    6515ef7b8cdd7f1d4c0a0340d238129a1c63eee8324dde63c8b145c9e57eb4ab8ac8f6a0f962e6350cabb930b901337dd2587ae0971148a6355c6ad7aadac3ed

  • SSDEEP

    49152:Yf708gNcR9l5NyQB7q1AlgraPgDLDVXI2RXgGfX2kMFvfAw6dZ7Nueuxg5AA:Y+49lnyeG3D56gXm6HqA

Score
10/10
meshagent45-2

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

45-2

C2

http://control3.colizeumarena.ru:443/agent.ashx

Attributes
  • mesh_id

    0x64EDA41760C9E232F7D5006C66BE6331E935EC61C0EF4C8DDD21E752B63C5FDCE8B5BBCA8CEE8ACA7501B7AC6CC7983E

  • server_id

    C1139252AFB8BB79497F4C3FFFE817B4721FC57DF5DB25C1AFDFE4C5780D3D815802672B52644A626A44410DFFDE7D27

  • wss

    wss://control3.colizeumarena.ru:443/agent.ashx

Targets

    • Target

      2024-11-24_2e435cff60645602695b96f9923ed43e_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      2e435cff60645602695b96f9923ed43e

    • SHA1

      91eb15648f5f6dd0468011230862cc5e54776fcc

    • SHA256

      20b084b57eb03cf023039459ddbd3850b9956c50c5315d99954a727023adadbd

    • SHA512

      6515ef7b8cdd7f1d4c0a0340d238129a1c63eee8324dde63c8b145c9e57eb4ab8ac8f6a0f962e6350cabb930b901337dd2587ae0971148a6355c6ad7aadac3ed

    • SSDEEP

      49152:Yf708gNcR9l5NyQB7q1AlgraPgDLDVXI2RXgGfX2kMFvfAw6dZ7Nueuxg5AA:Y+49lnyeG3D56gXm6HqA

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks