General

  • Target

    2024-11-29_168d5e843c236c70f85c28432bc452ca_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241129-lfzynsxqfz

  • MD5

    168d5e843c236c70f85c28432bc452ca

  • SHA1

    d755d54e270f20d01796fa0ac45c293654f79d62

  • SHA256

    dd85dfebcf14eb16404650ad4d9a95ac436dfe76494d031fcf35b43993eaa82d

  • SHA512

    bc7fd21d8ca8f9c7c01b95442d800f9030123ebfa15f754bbe7974519633f4b345402221b1e5673f55faba5025d70a57f3e65e20c585030645ee70ac031eefa4

  • SSDEEP

    49152:wX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qg:wlRsZ47/QXoHUOfAoj1x6g

Score
10/10

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Москва

C2

http://mesh.elsi-group.ru:443/agent.ashx

Attributes
  • mesh_id

    0xAB40208FA6B43770047618B81270D1E54FC045C245E972945945D5F0C2FF59BB1F28F1045ABA2DC8CC2EEC4D4EEFA6F1

  • server_id

    DC3FB0B090C28836BE40DA77FCBD4DFD389AAAC6F673554BA9A165B6FD4E8E2CA3C629BBB88965B4F1F0C9131DD96961

  • wss

    wss://mesh.elsi-group.ru:443/agent.ashx

Targets

    • Target

      2024-11-29_168d5e843c236c70f85c28432bc452ca_ismagent_ryuk_sliver

    Score
    1/10

Tasks