Overview

overview

10

Static

static

10

2024-12-02...er.exe

windows7-x64

1

2024-12-02...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-12-02_00ade523ec98484ebb73b876383891ce_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241202-f2kg8a1pdw

  • MD5

    00ade523ec98484ebb73b876383891ce

  • SHA1

    239e38c2a4ec9ee8946454fc0df79bc0282c8e98

  • SHA256

    94475e2a62a96138a56864170b5dc537b93ab0897d15ec7c59dbcf41e64f9359

  • SHA512

    5005f6cc364ff078cd5b046dc89b06d1e696e2674bcd49c29066cbebfb64bf4a41281cc8e40a4546ee2f5cdad7c51f5a6b6b329b2a164be14a844309ff8545fe

  • SSDEEP

    49152:fX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Q4:flRsZ47/QXoHUOfAoj1x64

Score
10/10
meshagentdevices

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Devices

C2

http://meshcentral.mmcc.com.ph:443/agent.ashx

Attributes
  • mesh_id

    0x117FA8574255C4F0AE53CD698F2D3C21CC16DBCD677AE41703DBA7B8ADBCEDA2CBF4F4C7B97E22FC33E373C5418BED73

  • server_id

    8DD3EB4A1B2122996A5CFB0804EE496C8BA3062C70A86067DBCDFBB07E1744BF247B5F5E8605E229FF3083C67D56F03A

  • wss

    wss://meshcentral.mmcc.com.ph:443/agent.ashx

Targets

    • Target

      2024-12-02_00ade523ec98484ebb73b876383891ce_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      00ade523ec98484ebb73b876383891ce

    • SHA1

      239e38c2a4ec9ee8946454fc0df79bc0282c8e98

    • SHA256

      94475e2a62a96138a56864170b5dc537b93ab0897d15ec7c59dbcf41e64f9359

    • SHA512

      5005f6cc364ff078cd5b046dc89b06d1e696e2674bcd49c29066cbebfb64bf4a41281cc8e40a4546ee2f5cdad7c51f5a6b6b329b2a164be14a844309ff8545fe

    • SSDEEP

      49152:fX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Q4:flRsZ47/QXoHUOfAoj1x64

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks