General

  • Target

    2024-12-26_0fbffc00bf3774123bf8bbd0326a2ce4_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    241226-pkwctswjal

  • MD5

    0fbffc00bf3774123bf8bbd0326a2ce4

  • SHA1

    4e8469a798a3053bd4075438c893bfbd08b3001a

  • SHA256

    0cd73681c633f307997f3fe1212cb04934807664d71b34e6f33bfc10b027f17a

  • SHA512

    45a8455220ca4172f540e555fca8e62fe6b3eec2616d3834d955f8b09c2dfb6c8f6042e875973d307f7b13e06b7799a3ec53288877fd81dad2dadc03e6fd9fc8

  • SSDEEP

    49152:OX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QS:OlRsZ47/QXoHUOfAoj1x6S

Score
10/10

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Babylon

C2

http://support.alsharaa-dent.com:443/agent.ashx

Attributes
  • mesh_id

    0xE30E898AE4E7B90B42A5DC717A4BCAD6DABD5DABABFCEC1E09067180F2FCF2FD7A95F9B6B04D0D834655EE521DAFE420

  • server_id

    6194A270578F1AD0161596BDE10800F9CDDF1048B09C1C7EAB58C6E4D018A6A69BFBCCEDED0DB5D2FA27ECE19D5CA7FF

  • wss

    wss://support.alsharaa-dent.com:443/agent.ashx

Targets

    • Target

      2024-12-26_0fbffc00bf3774123bf8bbd0326a2ce4_ismagent_ryuk_sliver

    Score
    1/10
