Overview

overview

10

Static

static

10

2024-12-12...er.exe

windows7-x64

1

2024-12-12...er.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    2024-12-12_2fd59b386b0edeb1339577d8f26c4036_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241212-ctkaps1qfp

  • MD5

    2fd59b386b0edeb1339577d8f26c4036

  • SHA1

    64a80843726795e9669f5a31c895c3ec68f5ea8e

  • SHA256

    bc025c5f15aedf5eb295d0c11183d2cfa38b88d9dca6b003d79a1077d509489c

  • SHA512

    0ae0a50db8a6b57620c8124efbefd30af90a0cb009a5f1eeead9c4a1a382de74b618adb41c80554316308af5a26c8232d8aaa22eac896dc683fc91e31ea1d2fb

  • SSDEEP

    49152:QX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQet5M:QlRsZ47/QXoHUOfAoj14+

Score
10/10
meshagentvg

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

vg

C2

http://remoteshare.in:443/agent.ashx

Attributes
  • mesh_id

    0x3C6D14A2801F687AD516A61ADB6DEE7BD11BD0EEAA7745FF08B1428CE283DC2F4009F8376C58277CCCBA9EEC435A4A2F

  • server_id

    C548A56198204AA58B1B935B7C94DEC937F526F4D95BA9A934173D49C789C88C656BEC078BE602DD32033D07A44BF5E2

  • wss

    wss://remoteshare.in:443/agent.ashx

Targets

    • Target

      2024-12-12_2fd59b386b0edeb1339577d8f26c4036_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      2fd59b386b0edeb1339577d8f26c4036

    • SHA1

      64a80843726795e9669f5a31c895c3ec68f5ea8e

    • SHA256

      bc025c5f15aedf5eb295d0c11183d2cfa38b88d9dca6b003d79a1077d509489c

    • SHA512

      0ae0a50db8a6b57620c8124efbefd30af90a0cb009a5f1eeead9c4a1a382de74b618adb41c80554316308af5a26c8232d8aaa22eac896dc683fc91e31ea1d2fb

    • SSDEEP

      49152:QX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQet5M:QlRsZ47/QXoHUOfAoj14+

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks