meshagent | e8394adc4759814165d629756e9095518635b9c47601127f4c85514c2e843627 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-12-09_9d85cd51ab5d84d9c2a90a7cf2509dda_ismagent_ryuk_sliver
Size

3.3MB
Sample

241209-1dfjkssjf1
MD5

9d85cd51ab5d84d9c2a90a7cf2509dda
SHA1

5ff96da0ddfb063f9e6182677d0038a1df19306a
SHA256

e8394adc4759814165d629756e9095518635b9c47601127f4c85514c2e843627
SHA512

e913b5fc70db69ea3a9d881db3602d314d9891946dcd4cc533db0aa3dd41464ad172a96ddd29daff611f78dd80f96aee72998150d7be053d8b5083e816c2c5e8
SSDEEP

49152:5X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQet5h:5lRsZ47/QXoHUOfAoj14f

Score

10^/10

meshagent itsol

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

itsol

C2

http://remoteshare.in:443/agent.ashx

Attributes

mesh_id
0x3A22E403AE7FDB90F795076067E04A3E799B0B28F31C6109FFA3D352C79720AF607FA85CFAE59883F6FB5D228A7FAC13
server_id
C548A56198204AA58B1B935B7C94DEC937F526F4D95BA9A934173D49C789C88C656BEC078BE602DD32033D07A44BF5E2
wss
wss://remoteshare.in:443/agent.ashx

Targets

- Target
  
  2024-12-09_9d85cd51ab5d84d9c2a90a7cf2509dda_ismagent_ryuk_sliver
- Size
  
  3.3MB
- MD5
  
  9d85cd51ab5d84d9c2a90a7cf2509dda
- SHA1
  
  5ff96da0ddfb063f9e6182677d0038a1df19306a
- SHA256
  
  e8394adc4759814165d629756e9095518635b9c47601127f4c85514c2e843627
- SHA512
  
  e913b5fc70db69ea3a9d881db3602d314d9891946dcd4cc533db0aa3dd41464ad172a96ddd29daff611f78dd80f96aee72998150d7be053d8b5083e816c2c5e8
- SSDEEP
  
  49152:5X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQet5h:5lRsZ47/QXoHUOfAoj14f
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2