Overview

overview

10

Static

static

10

2024-12-16...er.exe

windows7-x64

1

2024-12-16...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-12-16_422279765c53a39b94560cbde9032d9e_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241216-1axnpazret

  • MD5

    422279765c53a39b94560cbde9032d9e

  • SHA1

    3585edaa4caa7184b986331304fe7877dd30f62c

  • SHA256

    66e217096a94bafc64b465b264be0a19fbdf52171af28386e3149d231f193231

  • SHA512

    f6894f327b5794378d108e280c32fedc8bc41b064d51d664c5fed08ca298ceb8df57777798ed2f9cb5e84c1a8ce50d28eea7137fe039000269d436ef029111c3

  • SSDEEP

    49152:yX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qb:ylRsZ47/QXoHUOfAoj1x6b

Score
10/10
meshagenttacticalrmm

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

TacticalRMM

C2

http://mesh.3master.com.br:443/agent.ashx

Attributes
  • mesh_id

    0x1E34619622AEE4D7DE63668DBECE7381E6013BB046A2842C881FF4715D510C2DA38190C078BAF6B25EE97493CAD847A9

  • server_id

    AA8CC5E1631F6A3B9B03DC6B1EF14E9CA68DAB75A34D6EE7E2B208D70101BCB1C268548ACA36D57745BC2C2C311C0DF4

  • wss

    wss://mesh.3master.com.br:443/agent.ashx

Targets

    • Target

      2024-12-16_422279765c53a39b94560cbde9032d9e_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      422279765c53a39b94560cbde9032d9e

    • SHA1

      3585edaa4caa7184b986331304fe7877dd30f62c

    • SHA256

      66e217096a94bafc64b465b264be0a19fbdf52171af28386e3149d231f193231

    • SHA512

      f6894f327b5794378d108e280c32fedc8bc41b064d51d664c5fed08ca298ceb8df57777798ed2f9cb5e84c1a8ce50d28eea7137fe039000269d436ef029111c3

    • SSDEEP

      49152:yX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qb:ylRsZ47/QXoHUOfAoj1x6b

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks