Overview

overview

10

Static

static

10

2024-12-10...er.exe

windows7-x64

1

2024-12-10...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-12-10_1637721d58f31b7630b8647a7cc2eb5f_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241210-b6xk5atqem

  • MD5

    1637721d58f31b7630b8647a7cc2eb5f

  • SHA1

    a45cd7e6af62e2ee39b236209e6ec095b921b5e5

  • SHA256

    3ef9b52a0586eb5aa4988c12e3fceaef8b2b9f1206913823933fe3881b8a09e8

  • SHA512

    9d669e20f79de91131d74f3a885ee7efff080dc751996fc4e6d5e56562a09e6735642d5e9101e2fce4e4cd170c88802c315a10d5f98109fa57f082a61db7ea52

  • SSDEEP

    49152:JX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQet52:JlRsZ47/QXoHUOfAoj14w

Score
10/10
meshagentvg

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

vg

C2

http://remoteshare.in:443/agent.ashx

Attributes
  • mesh_id

    0x3C6D14A2801F687AD516A61ADB6DEE7BD11BD0EEAA7745FF08B1428CE283DC2F4009F8376C58277CCCBA9EEC435A4A2F

  • server_id

    C548A56198204AA58B1B935B7C94DEC937F526F4D95BA9A934173D49C789C88C656BEC078BE602DD32033D07A44BF5E2

  • wss

    wss://remoteshare.in:443/agent.ashx

Targets

    • Target

      2024-12-10_1637721d58f31b7630b8647a7cc2eb5f_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      1637721d58f31b7630b8647a7cc2eb5f

    • SHA1

      a45cd7e6af62e2ee39b236209e6ec095b921b5e5

    • SHA256

      3ef9b52a0586eb5aa4988c12e3fceaef8b2b9f1206913823933fe3881b8a09e8

    • SHA512

      9d669e20f79de91131d74f3a885ee7efff080dc751996fc4e6d5e56562a09e6735642d5e9101e2fce4e4cd170c88802c315a10d5f98109fa57f082a61db7ea52

    • SSDEEP

      49152:JX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQet52:JlRsZ47/QXoHUOfAoj14w

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks