sliver | 7493e9d330c6cd309670880f694b55d835ad3d774e907786d6eb5ac08dba21aa

Analysis

max time kernel
93s
max time network
143s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
03-12-2024 08:23

Target

2024-12-03_854a9b6f5229ca9623655c5af644afa7_ryuk.exe
Size

10.3MB
MD5

854a9b6f5229ca9623655c5af644afa7
SHA1

24403333b76134ecbb44747014b88c0b0be9831f
SHA256

7493e9d330c6cd309670880f694b55d835ad3d774e907786d6eb5ac08dba21aa
SHA512

11c3c3cd58c937967047e448847122abd24a7015d87e81923a5364f2f4e50610dae63a819fcc7812b01cae1e23e7d3b09852fc201edd4c0ba1e7d062c56aac4b
SSDEEP

196608:2X0lRFzyrh2OH0DuVBYcSEzZmbjOe+sIY7sk0nEG8MTLwQBItZqWHDp:Ec7YHqgZmbjO1NYwfr8MTLXsZPp

Score

10^/10

Sliver RAT v2 5 IoCs

Processes:

resource	yara_rule
behavioral2/memory/3488-2-0x0000000002AE0000-0x00000000034D8000-memory.dmp	SliverRAT_v2
behavioral2/memory/3488-1-0x0000000002AE0000-0x00000000034D8000-memory.dmp	SliverRAT_v2
behavioral2/memory/3488-0-0x0000000002AE0000-0x00000000034D8000-memory.dmp	SliverRAT_v2
behavioral2/memory/3488-3-0x0000000002AE0000-0x00000000034D8000-memory.dmp	SliverRAT_v2
behavioral2/memory/3488-4-0x0000000002AE0000-0x00000000034D8000-memory.dmp	SliverRAT_v2

Sliver family
sliver
SliverRAT
SliverRAT is an open source Adversary Emulation Framework.
trojan backdoor sliver

C:\Users\Admin\AppData\Local\Temp\2024-12-03_854a9b6f5229ca9623655c5af644afa7_ryuk.exe
"C:\Users\Admin\AppData\Local\Temp\2024-12-03_854a9b6f5229ca9623655c5af644afa7_ryuk.exe"
1⤵
PID:3488

memory/3488-2-0x0000000002AE0000-0x00000000034D8000-memory.dmp

Filesize
10.0MB

Download
memory/3488-1-0x0000000002AE0000-0x00000000034D8000-memory.dmp

Filesize
10.0MB

Download
memory/3488-0-0x0000000002AE0000-0x00000000034D8000-memory.dmp

Filesize
10.0MB

Download
memory/3488-3-0x0000000002AE0000-0x00000000034D8000-memory.dmp

Filesize
10.0MB

Download
memory/3488-4-0x0000000002AE0000-0x00000000034D8000-memory.dmp

Filesize
10.0MB

Download