Overview

overview

10

Static

static

10

2024-11-30...er.exe

windows7-x64

1

2024-11-30...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-11-30_7d1481cb8c271bd19254190ca69c0cfa_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241130-ljxmqavlgl

  • MD5

    7d1481cb8c271bd19254190ca69c0cfa

  • SHA1

    fea9bd8e266ff576495d229b0300ba9e475e1418

  • SHA256

    0389db19cb4146a0a49cecc7268b6d81f2625908b4979a4905fe13911eaea11e

  • SHA512

    d0b5b8489df3f84617272a82b7c6f5f7e92565829879522b902b59e3eba26c13ccef3956180c3a37cffbd59be58636a376fbf2afb9b747d48d3c6d1f966bc519

  • SSDEEP

    49152:XX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QB:XlRsZ47/QXoHUOfAoj1x6B

Score
10/10
meshagentpk

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

pk

C2

http://45.77.253.105:443/agent.ashx

Attributes
  • mesh_id

    0x775624AA443BA71F4F17FA1C57278E245E8927CEC14946F80746FF5F110E22C7DB85628137D2BC6F5C9F09B3D0BE70F8

  • server_id

    AC78FCB54149EA8B776B2F518657A81896A6549A1D186CE1C33A1D1C8CE9C02E828D9120E89AD3929908DD2596AEB14D

  • wss

    wss://45.77.253.105:443/agent.ashx

Targets

    • Target

      2024-11-30_7d1481cb8c271bd19254190ca69c0cfa_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      7d1481cb8c271bd19254190ca69c0cfa

    • SHA1

      fea9bd8e266ff576495d229b0300ba9e475e1418

    • SHA256

      0389db19cb4146a0a49cecc7268b6d81f2625908b4979a4905fe13911eaea11e

    • SHA512

      d0b5b8489df3f84617272a82b7c6f5f7e92565829879522b902b59e3eba26c13ccef3956180c3a37cffbd59be58636a376fbf2afb9b747d48d3c6d1f966bc519

    • SSDEEP

      49152:XX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QB:XlRsZ47/QXoHUOfAoj1x6B

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks