General

  • Target

    2024-12-18_d05cbcaffe50c0ce8915a3818a5cc4af_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241218-bwl2mswqbw

  • MD5

    d05cbcaffe50c0ce8915a3818a5cc4af

  • SHA1

    21bc31af413942ca4cdf84f1993d20bedf25b3a4

  • SHA256

    fa4536c71b4ba6afd0e2b0cc6c31fcfdf3cc242320b0b7e822762ff0d4e042fc

  • SHA512

    5bbcb6c835cddf5c9fef7940f746a41dc4ba1688264890d0c52de9865a34880a8210d6b2aa315e5b9011176f76e115d1977e070b14c05f3b055b2386ab715762

  • SSDEEP

    49152:pX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qz:plRsZ47/QXoHUOfAoj1x6z

Score
10/10

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

WAN Devices

C2

http://mwg.dscloud.biz:443/agent.ashx

Attributes
  • mesh_id

    0x8C708F3AB3A233BEE8C0DBBBF768A1F41E33F85BE45CDF0930092790E2AE341F93E74FC96423F98ABC504D4E6205CA66

  • server_id

    D00CAD2DC3119E08A6F1DB3246527615C5B9B346EE7D3717AB450136A1EA7B926404DC5CF5F4DEF0520124B9A85E4B6B

  • wss

    wss://mwg.dscloud.biz:443/agent.ashx

Targets

    • Target

      2024-12-18_d05cbcaffe50c0ce8915a3818a5cc4af_ismagent_ryuk_sliver

    • Size

      3.3MB

    Score
    1/10
