Overview

overview

10

Static

static

10

2024-11-27...er.exe

windows7-x64

1

2024-11-27...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-11-27_85b6afd4ba7bd121e4c0b170d2fc5fb2_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241127-nysy7aymhp

  • MD5

    85b6afd4ba7bd121e4c0b170d2fc5fb2

  • SHA1

    c9df0c85efba598eab3abddd46d0ef574cde6718

  • SHA256

    4dc0c9fd609594ec100ab55b0b4f962f3914f707519c4b49bbdcc53d0c973e09

  • SHA512

    2de4fa0a0e2229f7d93b09dcb495ab539e9ddd282e10020563723da5a66462b009456027e635fd0cdccb0411448a967cf303bfeae1aa6c9bb6feddb221a63099

  • SSDEEP

    49152:Mf708gNcR9l5NyQB7q1AlgraPgDLDVXI2RXgGfX2kMFvfAw6dZ7Nueuxg5A3:M+49lnyeG3D56gXm6Hq3

Score
10/10
meshagentрайз охрана

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

РАЙЗ ОХРАНА

C2

http://meshcent.its.ufanet.ru:443/agent.ashx

Attributes
  • mesh_id

    0xC21AA8FDDE99FE1D739E07ED71146CDD728E923C92EB4DCF1F6EF70A33C2940BFF0FB0C79942AF7269B8FF27510A60E8

  • server_id

    92361DD62E17552490F9968C444EAF21618626EC916098B7A27028E3759BECFC00603247A5829F7E5F230D03F82213BF

  • wss

    wss://meshcent.its.ufanet.ru:443/agent.ashx

Targets

    • Target

      2024-11-27_85b6afd4ba7bd121e4c0b170d2fc5fb2_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      85b6afd4ba7bd121e4c0b170d2fc5fb2

    • SHA1

      c9df0c85efba598eab3abddd46d0ef574cde6718

    • SHA256

      4dc0c9fd609594ec100ab55b0b4f962f3914f707519c4b49bbdcc53d0c973e09

    • SHA512

      2de4fa0a0e2229f7d93b09dcb495ab539e9ddd282e10020563723da5a66462b009456027e635fd0cdccb0411448a967cf303bfeae1aa6c9bb6feddb221a63099

    • SSDEEP

      49152:Mf708gNcR9l5NyQB7q1AlgraPgDLDVXI2RXgGfX2kMFvfAw6dZ7Nueuxg5A3:M+49lnyeG3D56gXm6Hq3

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks