Overview

overview

10

Static

static

10

2024-11-25...er.exe

windows7-x64

1

2024-11-25...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-11-25_c4363132cf3cfde11d54e7d508e08ffb_ismagent_ryuk_sliver

  • Size

    3.4MB

  • Sample

    241125-lc3kdswkgj

  • MD5

    c4363132cf3cfde11d54e7d508e08ffb

  • SHA1

    e4f1327260702091a58914e785e828bcc93277f8

  • SHA256

    20fe68d305ec24a03cf0e15116528802eaf0fbc4ab2c1126cb4b3d076338e96d

  • SHA512

    6f2ddda832a5588a78e6dc6b04cee2ae54fbbc102838b1014755f7dce2709883e8df4161dfcf640222f275098db786fa0d061aab8810ebe806cefa7dbbbced91

  • SSDEEP

    49152:MX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQed5M:MlRsZ47/QXoHUOfAoj1Ia

Score
10/10
meshagentdavid

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

david

C2

http://remoteshare.in:443/agent.ashx

Attributes
  • mesh_id

    0x4BDACC9969A2E9A83064630FA1B8EF3443BAE371106B0E702E58527663EF075B1E1F693B801C7545401EB6221DBC909E

  • server_id

    C6DE5260F3DF733E712F21316EE6EE643ABC568C44EC1AE991C57525DD26FAF883ED8D9A208F6CD34C3CC1CF7943ECD7

  • wss

    wss://remoteshare.in:443/agent.ashx

Targets

    • Target

      2024-11-25_c4363132cf3cfde11d54e7d508e08ffb_ismagent_ryuk_sliver

    • Size

      3.4MB

    • MD5

      c4363132cf3cfde11d54e7d508e08ffb

    • SHA1

      e4f1327260702091a58914e785e828bcc93277f8

    • SHA256

      20fe68d305ec24a03cf0e15116528802eaf0fbc4ab2c1126cb4b3d076338e96d

    • SHA512

      6f2ddda832a5588a78e6dc6b04cee2ae54fbbc102838b1014755f7dce2709883e8df4161dfcf640222f275098db786fa0d061aab8810ebe806cefa7dbbbced91

    • SSDEEP

      49152:MX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQed5M:MlRsZ47/QXoHUOfAoj1Ia

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks