Overview

overview

10

Static

static

10

2024-12-25...er.exe

windows7-x64

1

2024-12-25...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-12-25_4b7fd91a07acd326899c36692b37e511_ismagent_ryuk_sliver

  • Size

    3.5MB

  • Sample

    241225-nvgfzssmft

  • MD5

    4b7fd91a07acd326899c36692b37e511

  • SHA1

    47b737907bfeb9c360f6deffb7db172dbd4fdab0

  • SHA256

    c76c17c355e58206db88c8c46750bd0c44913f0e93d4df152b62c7ab41d0b1d3

  • SHA512

    2be6b93c80ed2f0b9ee2ba06c41e3ff50e515924b8006caf7485907d1a16116987ad68a9904839dbe20f77363483b2bca54dbf9496840b7d23469fe486fb1bd9

  • SSDEEP

    49152:mX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQeN5jyRa:mlRsZ47/QXoHUOfAoj1A5P

Score
10/10
meshagentрусинтеко

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

РусИнтеКо

C2

http://ssl.netenv.icu:443/agent.ashx

Attributes
  • mesh_id

    0xE89DD7433B6800437930B37B8624D13B3BD3607F98CE87407FD7B3725A96BFB215293A9290220525726809B06A019131

  • server_id

    774DF3F4D3F49858DEF06D4FFBF2A724D573CA6EF2EBFB6DC80F445D0C5F24C84E1EF8364AB19E6D7D1CE9FEA6BA2C66

  • wss

    wss://ssl.netenv.icu:443/agent.ashx

Targets

    • Target

      2024-12-25_4b7fd91a07acd326899c36692b37e511_ismagent_ryuk_sliver

    • Size

      3.5MB

    • MD5

      4b7fd91a07acd326899c36692b37e511

    • SHA1

      47b737907bfeb9c360f6deffb7db172dbd4fdab0

    • SHA256

      c76c17c355e58206db88c8c46750bd0c44913f0e93d4df152b62c7ab41d0b1d3

    • SHA512

      2be6b93c80ed2f0b9ee2ba06c41e3ff50e515924b8006caf7485907d1a16116987ad68a9904839dbe20f77363483b2bca54dbf9496840b7d23469fe486fb1bd9

    • SSDEEP

      49152:mX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQeN5jyRa:mlRsZ47/QXoHUOfAoj1A5P

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks