Overview

overview

10

Static

static

10

2024-11-27...er.exe

windows7-x64

1

2024-11-27...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-11-27_53c4d18047c7476269ccbf8f9598042d_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241127-s5fpnazkhy

  • MD5

    53c4d18047c7476269ccbf8f9598042d

  • SHA1

    127bf369a04cef82ccd34244b3720d80cb4d2242

  • SHA256

    d72469fef23335f2cedfbbf0e1def83f2bc4b383179df14eb202f6f8e1707a96

  • SHA512

    ff4ac7652310aabc0301ff3f0e0038d8a3ee9600810d77e4a53d2e4cd4a634e56ee16ea921d5efac5cca791ee70e9ddea248c11b39be205c1bc3c23291d6cd40

  • SSDEEP

    49152:DX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QP:DlRsZ47/QXoHUOfAoj1x6P

Score
10/10
meshagentmyskill.help

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

MYSKILL.HELP

C2

http://myskill.help:443/agent.ashx

Attributes
  • mesh_id

    0x1127CCD14E53D2A788065FC3695F3E8CBCE6F2DAD7F67CCDE5869ED35EC32DBBCD7A0009EA9F2D6BFDA86E990964B659

  • server_id

    6C7CC9C96202A7A1857DA9BC938B9A0900574480D6EB78677289A4E3DC51C1EB07FFE6B89D73BB1B4FB9A2E2FE5B63D9

  • wss

    wss://myskill.help:443/agent.ashx

Targets

    • Target

      2024-11-27_53c4d18047c7476269ccbf8f9598042d_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      53c4d18047c7476269ccbf8f9598042d

    • SHA1

      127bf369a04cef82ccd34244b3720d80cb4d2242

    • SHA256

      d72469fef23335f2cedfbbf0e1def83f2bc4b383179df14eb202f6f8e1707a96

    • SHA512

      ff4ac7652310aabc0301ff3f0e0038d8a3ee9600810d77e4a53d2e4cd4a634e56ee16ea921d5efac5cca791ee70e9ddea248c11b39be205c1bc3c23291d6cd40

    • SSDEEP

      49152:DX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QP:DlRsZ47/QXoHUOfAoj1x6P

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks