meshagent | 028d95412b0d55d6c4ebb9019f41232a85001116197245d87363162ba44eab2d | Triage

Sharing

General

Target

2024-11-27_3b8aca38eea8c97777b78ed9568c2c39_ismagent_ryuk_sliver
Size

3.3MB
Sample

241127-lepfjsxpbx
MD5

3b8aca38eea8c97777b78ed9568c2c39
SHA1

a93b3ff7820e253c23a39f0c637332dc7e6d1422
SHA256

028d95412b0d55d6c4ebb9019f41232a85001116197245d87363162ba44eab2d
SHA512

e1c8cd71656b2faf5e47d01bed5618ed61c1069822f8a41367d504978be11a5aad46e61a1482a3acbc36763f8b35e1e882815dfc1a3281241084e1f574a0c9aa
SSDEEP

49152:mX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QdW:mlRsZ47/QXoHUOfAoj1x6dW

Score

10^/10

meshagent foreo

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

FOREO

C2

http://meshcentral.cyberlen.fr:443/agent.ashx

Attributes

mesh_id
0xBEEFFA5075AA55894D2C529177B87172073F2836C2A3C8FDFD4674E856F29C9405C29E31504405954BC5B883CCC251AA
server_id
F269A4633E13C9F8BEB8D1A8746646772F444C07EB51FDC3C53976055B5844A08E500CF500FC81351B9DC6A5F2691C0B
wss
wss://meshcentral.cyberlen.fr:443/agent.ashx

Targets

- Target
  
  2024-11-27_3b8aca38eea8c97777b78ed9568c2c39_ismagent_ryuk_sliver
- Size
  
  3.3MB
- MD5
  
  3b8aca38eea8c97777b78ed9568c2c39
- SHA1
  
  a93b3ff7820e253c23a39f0c637332dc7e6d1422
- SHA256
  
  028d95412b0d55d6c4ebb9019f41232a85001116197245d87363162ba44eab2d
- SHA512
  
  e1c8cd71656b2faf5e47d01bed5618ed61c1069822f8a41367d504978be11a5aad46e61a1482a3acbc36763f8b35e1e882815dfc1a3281241084e1f574a0c9aa
- SSDEEP
  
  49152:mX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QdW:mlRsZ47/QXoHUOfAoj1x6dW
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2