Overview

overview

10

Static

static

10

2024-12-09...er.exe

windows7-x64

1

2024-12-09...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-12-09_7f7fe2a12ac26b2a3879541aaecef999_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241209-x81apatlek

  • MD5

    7f7fe2a12ac26b2a3879541aaecef999

  • SHA1

    1d84175349b0463219a3eec43dc76571f06f0d1d

  • SHA256

    f8715ae0dac6d8721719093fed75123f538fdb1f8c3a022fe44d49161aee9f44

  • SHA512

    1ce3a17aff341454679d848721e320f9f5cf254d6899cbf5f2b5382064dfe01612f90d6edcf79be49d00613b1ff7cc5c3bb7d95e112477813fd9df7b192b2002

  • SSDEEP

    49152:8X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QV:8lRsZ47/QXoHUOfAoj1x6V

Score
10/10
meshagenttacticalrmm

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

TacticalRMM

C2

http://mesh.caproverhub.com:443/agent.ashx

Attributes
  • mesh_id

    0xB2950F4E0AC577A94CBEAC9B8D09710B324631A9D74E5A2F4FD886FAB132D6E9390F67398EEEAA99FA5A8A5E4BC1CC68

  • server_id

    1D3AC4156D5E2F4548A462EA92648AB98C5023AEFA246777CDD1010CDE0BABB8B84DD6BD49572B8CA2FC920486FD7466

  • wss

    wss://mesh.caproverhub.com:443/agent.ashx

Targets

    • Target

      2024-12-09_7f7fe2a12ac26b2a3879541aaecef999_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      7f7fe2a12ac26b2a3879541aaecef999

    • SHA1

      1d84175349b0463219a3eec43dc76571f06f0d1d

    • SHA256

      f8715ae0dac6d8721719093fed75123f538fdb1f8c3a022fe44d49161aee9f44

    • SHA512

      1ce3a17aff341454679d848721e320f9f5cf254d6899cbf5f2b5382064dfe01612f90d6edcf79be49d00613b1ff7cc5c3bb7d95e112477813fd9df7b192b2002

    • SSDEEP

      49152:8X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QV:8lRsZ47/QXoHUOfAoj1x6V

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks