Overview

overview

10

Static

static

10

2024-12-09...er.exe

windows7-x64

1

2024-12-09...er.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    2024-12-09_b5e5bac15d8e0f610ae7a128b6d95ecf_ismagent_ryuk_sliver

  • Size

    3.2MB

  • Sample

    241209-mmag2azjck

  • MD5

    b5e5bac15d8e0f610ae7a128b6d95ecf

  • SHA1

    b6bab2cd121b19cfed4cbac39d8312377d89398a

  • SHA256

    217e140199a69fbb5f7d5b9a4e8befa18716d062489940737e6af4b09801c9ac

  • SHA512

    da27ee036623dab8210455897355436b270fd6fbc50596b0401cb1f6af81cb11bbcaff884a6dc36011fec3396e95d3c4dec7e5339d8e147cbe6658811f1e3998

  • SSDEEP

    49152:Q0yAXvucS6SnbZVlxyZH0XAaCx5OX9ZO/xtEfOfzMFvfDTtKjkVE+ubDw8litYO6:Tvg6ClrBCjec+OfAK7DuYOQv

Score
10/10
meshagentloan link

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Loan Link

C2

http://mc.nalteca.net:9443/agent.ashx

Attributes
  • mesh_id

    0xB9834104560949FDFDFDC8BAD85B9111FB999F107A5E950EDC489D2FBFD856F29FD9BC6C45FDCCD32B2E2F132A75C8E7

  • server_id

    9A2CE4615CF0B2EDF7C2FC6C8B2BC0608A0318A04336821B7869DE48420C6F0E66786F1D3D55DE384CEC70D159AA3924

  • wss

    wss://mc.nalteca.net:9443/agent.ashx

Targets

    • Target

      2024-12-09_b5e5bac15d8e0f610ae7a128b6d95ecf_ismagent_ryuk_sliver

    • Size

      3.2MB

    • MD5

      b5e5bac15d8e0f610ae7a128b6d95ecf

    • SHA1

      b6bab2cd121b19cfed4cbac39d8312377d89398a

    • SHA256

      217e140199a69fbb5f7d5b9a4e8befa18716d062489940737e6af4b09801c9ac

    • SHA512

      da27ee036623dab8210455897355436b270fd6fbc50596b0401cb1f6af81cb11bbcaff884a6dc36011fec3396e95d3c4dec7e5339d8e147cbe6658811f1e3998

    • SSDEEP

      49152:Q0yAXvucS6SnbZVlxyZH0XAaCx5OX9ZO/xtEfOfzMFvfDTtKjkVE+ubDw8litYO6:Tvg6ClrBCjec+OfAK7DuYOQv

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks