Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

2024-12-19...er.exe

windows7-x64

1

2024-12-19...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-12-19_2d3853461c54eced35e3f4d04662dc27_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241219-meszeazqd1

  • MD5

    2d3853461c54eced35e3f4d04662dc27

  • SHA1

    bb669985af8d7f0325df91c7da007202b58f3d67

  • SHA256

    ca530cd76f60c068b8f5b5920976ff6fa84c24d3481415de12980e185017bde0

  • SHA512

    363c10fd16587815c15c8c1ef5ac3275dbb9ea7f6d1d2c0f53ba524579f58f33bc83297d966596f7cdc3af2f65a1f444eed5584f74684eabe9c21134a5c6f6c9

  • SSDEEP

    49152:sX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qx:slRsZ47/QXoHUOfAoj1x6x

Score
10/10
meshagentben -ics

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Ben -ICS

C2

http://mesh.softteq.xyz:443/agent.ashx

Attributes
  • mesh_id

    0x847D2E1811E463EA04317F881AAE3B55D31D33F9B0E55C69458DF6A8C74381CA5A92B81D37575FE26351317786B29E5B

  • server_id

    C78CCE488D346EF8EF833B8090A9E6B1E8263BAB1C7BFD3B752544750C8D6F78E48EC54DAAF717EE8728B4F6DBE37BAB

  • wss

    wss://mesh.softteq.xyz:443/agent.ashx

Targets

    • Target

      2024-12-19_2d3853461c54eced35e3f4d04662dc27_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      2d3853461c54eced35e3f4d04662dc27

    • SHA1

      bb669985af8d7f0325df91c7da007202b58f3d67

    • SHA256

      ca530cd76f60c068b8f5b5920976ff6fa84c24d3481415de12980e185017bde0

    • SHA512

      363c10fd16587815c15c8c1ef5ac3275dbb9ea7f6d1d2c0f53ba524579f58f33bc83297d966596f7cdc3af2f65a1f444eed5584f74684eabe9c21134a5c6f6c9

    • SSDEEP

      49152:sX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qx:slRsZ47/QXoHUOfAoj1x6x

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks