Overview

overview

10

Static

static

10

2024-11-30...er.exe

windows7-x64

1

2024-11-30...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-11-30_b34f6111ac20300eec3fc2d6abece43f_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241130-lm46za1jdv

  • MD5

    b34f6111ac20300eec3fc2d6abece43f

  • SHA1

    4c96c8dc8d90b41b70453f3b3935aa663603a980

  • SHA256

    1bf6e18373a263cb48d2f11d8edfb341ea59c603ff4a6b9406cc90f159f6acfa

  • SHA512

    62dbb60987a69aeb2b2fdd3ca700d8fee3cf81d38cf0e74ddf5456d777a65b916690d6e74a7d5b9dbbfd4266fe5ffc3fbb317162f1ad729994266db82b08720b

  • SSDEEP

    49152:9X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Q3:9lRsZ47/QXoHUOfAoj1x63

Score
10/10
meshagentplaneta editorial users

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Planeta Editorial Users

C2

http://soporte.itbsac.com:443/agent.ashx

Attributes
  • mesh_id

    0x1231638166CBD27567B0AC650F41A43784A6A8DD29279041CA080839A49BEDAD5608EF1C772283F37BAC6B4AB4130F0E

  • server_id

    9340433EC74998D3BAFA353D5A8E3BB99BB44ACAD3986CB2E56D3EE5B8DDD4FAE693D896811F647B1D3A67F25F322A0E

  • wss

    wss://soporte.itbsac.com:443/agent.ashx

Targets

    • Target

      2024-11-30_b34f6111ac20300eec3fc2d6abece43f_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      b34f6111ac20300eec3fc2d6abece43f

    • SHA1

      4c96c8dc8d90b41b70453f3b3935aa663603a980

    • SHA256

      1bf6e18373a263cb48d2f11d8edfb341ea59c603ff4a6b9406cc90f159f6acfa

    • SHA512

      62dbb60987a69aeb2b2fdd3ca700d8fee3cf81d38cf0e74ddf5456d777a65b916690d6e74a7d5b9dbbfd4266fe5ffc3fbb317162f1ad729994266db82b08720b

    • SSDEEP

      49152:9X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Q3:9lRsZ47/QXoHUOfAoj1x63

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks