Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

2024-12-18...er.exe

windows7-x64

1

2024-12-18...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-12-18_1ca1fe83b2928e8884f3a2c3a50f99c0_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241218-nf3exaxqfq

  • MD5

    1ca1fe83b2928e8884f3a2c3a50f99c0

  • SHA1

    c82274b744accde78461d309de341c13357bbd92

  • SHA256

    648dc9d6b25f2a4bef52cdbe9f99b8b97aa03c711580387e04db3381137da2ab

  • SHA512

    e5ab8c895d2bc7f2dd443bae8e39fbd665e3e6cfc263c951332c0f1168ca1e8074b41d6f28d5e37a165fd1826d7fe6c2ef742fedc5b45d31f5df5a8245820bff

  • SSDEEP

    49152:BX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Q2:BlRsZ47/QXoHUOfAoj1x62

Score
10/10
meshagenttacticalrmm

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

TacticalRMM

C2

http://mesh.eyeti.de:443/agent.ashx

Attributes
  • mesh_id

    0x44B5E0BE13A0AE882F4C130C126D9327708C6C668C1B9066216C38283AAB56D158F438CB4BED061E3885E8CB00068E7A

  • server_id

    A3447B5E21B04E3D2E15033B6C7F9522AF502D75D20CCDD3210790493E3883241B878C331B198D3B0E5DDCF9BD906D8F

  • wss

    wss://mesh.eyeti.de:443/agent.ashx

Targets

    • Target

      2024-12-18_1ca1fe83b2928e8884f3a2c3a50f99c0_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      1ca1fe83b2928e8884f3a2c3a50f99c0

    • SHA1

      c82274b744accde78461d309de341c13357bbd92

    • SHA256

      648dc9d6b25f2a4bef52cdbe9f99b8b97aa03c711580387e04db3381137da2ab

    • SHA512

      e5ab8c895d2bc7f2dd443bae8e39fbd665e3e6cfc263c951332c0f1168ca1e8074b41d6f28d5e37a165fd1826d7fe6c2ef742fedc5b45d31f5df5a8245820bff

    • SSDEEP

      49152:BX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Q2:BlRsZ47/QXoHUOfAoj1x62

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks