Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

2024-12-23...er.exe

windows7-x64

1

2024-12-23...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-12-23_3b19fbc37c12dbbe7007fab300f99d26_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241223-eyrxfswldk

  • MD5

    3b19fbc37c12dbbe7007fab300f99d26

  • SHA1

    fea747f450284c9f63bcfd0fd07c8cf87b65737a

  • SHA256

    7492e201166d439714ba932756058545b06abe7b885be3ea6a84e37e7a17eff8

  • SHA512

    a6278a80c663bc4abe16e5457db93b0402154fd9c823f5963fb6546c3ed02969ec785b7c7b2c8d3682da5e7e4d77c731372b5e50450c0591ea786392e338c419

  • SSDEEP

    49152:zX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qa:zlRsZ47/QXoHUOfAoj1x6a

Score
10/10
meshagenttacticalrmm

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

TacticalRMM

C2

http://mesh.lucasddev.com.br:443/agent.ashx

Attributes
  • mesh_id

    0x18373265A3485CDC5D46424AAA6B5C755FFF536EC8AE957163B5D53DD7C53595E951AB317CDC7015092D9EA0F1C251E5

  • server_id

    85B6982D00B1096A7658A09413AF848272B977C7363982289BB92501AE99FE6FE7FA50FB0644735CFB62C7803E63BADE

  • wss

    wss://mesh.lucasddev.com.br:443/agent.ashx

Targets

    • Target

      2024-12-23_3b19fbc37c12dbbe7007fab300f99d26_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      3b19fbc37c12dbbe7007fab300f99d26

    • SHA1

      fea747f450284c9f63bcfd0fd07c8cf87b65737a

    • SHA256

      7492e201166d439714ba932756058545b06abe7b885be3ea6a84e37e7a17eff8

    • SHA512

      a6278a80c663bc4abe16e5457db93b0402154fd9c823f5963fb6546c3ed02969ec785b7c7b2c8d3682da5e7e4d77c731372b5e50450c0591ea786392e338c419

    • SSDEEP

      49152:zX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qa:zlRsZ47/QXoHUOfAoj1x6a

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks