Overview

overview

10

Static

static

10

2024-12-22...er.exe

windows7-x64

1

2024-12-22...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-12-22_734f52c6a953b1ad17329d569873dadf_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241222-bxyrtsxpfy

  • MD5

    734f52c6a953b1ad17329d569873dadf

  • SHA1

    58d860ae4aaef0f6fb2e271df09531a95b17eef1

  • SHA256

    50b7de4cb170e0d58acb74c73b48f4a257f02a58523f2e011424517698328ecd

  • SHA512

    3b139243a9cd414facde401b423d673794734d714a8708de4a8bdb8aa7ecc813b4f5b1829c7046e12aeeb544d7761b9c9de7ef2dcc5553be9f3f083c9d227ecb

  • SSDEEP

    49152:fX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Q6:flRsZ47/QXoHUOfAoj1x66

Score
10/10
meshagentmesh

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

mesh

C2

http://grente.mooo.com:443/agent.ashx

Attributes
  • mesh_id

    0xD978C3444AF27C15E685D46EB2067B5087AB26965915BE0D9F7E30875DCBC2290CD835ACCBBE060CA431F47422C8FDE5

  • server_id

    F836976A3ABCA7FB39B7D4C2724667D7DFD3F578D080C4B24DD14C63599C99DEC4B847BD7B53938362A8BE899A522C4E

  • wss

    wss://grente.mooo.com:443/agent.ashx

Targets

    • Target

      2024-12-22_734f52c6a953b1ad17329d569873dadf_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      734f52c6a953b1ad17329d569873dadf

    • SHA1

      58d860ae4aaef0f6fb2e271df09531a95b17eef1

    • SHA256

      50b7de4cb170e0d58acb74c73b48f4a257f02a58523f2e011424517698328ecd

    • SHA512

      3b139243a9cd414facde401b423d673794734d714a8708de4a8bdb8aa7ecc813b4f5b1829c7046e12aeeb544d7761b9c9de7ef2dcc5553be9f3f083c9d227ecb

    • SSDEEP

      49152:fX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Q6:flRsZ47/QXoHUOfAoj1x66

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks