Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

2024-12-29...er.exe

windows7-x64

1

2024-12-29...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-12-29_3394eb5aeb23a2f64ae7839d79ead479_ismagent_ryuk_sliver

  • Size

    3.2MB

  • Sample

    241229-brcbmsxqdt

  • MD5

    3394eb5aeb23a2f64ae7839d79ead479

  • SHA1

    a921e444db25989c4344054e47f1498bf8aa1401

  • SHA256

    5ebdaa45ee3d69e2c70cf58856e8200727593746e3d77a001a828051ea6d94f1

  • SHA512

    a297ef199ca9799ee23707c6a1af3752968a7bae57a72d5f17fdcfe651c73da89d2adf657b81927bcc16de77e17ee0570fa9fe64ed1f00150b36f9a17aa3453c

  • SSDEEP

    49152:w0yAXvucS6SnbZVlxyZH0XAaCx5OX9ZO/xtEfOfzMFvfDTtKjkVE+ubDw8litYOw:zvg6ClrBCjec+OfAK7DuYOQB

Score
10/10
meshagentvalcomelton

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

ValcoMelton

C2

http://VMMeshCentral.valcousa.valcocincinnatiinc.com:443/agent.ashx

Attributes
  • mesh_id

    0x4D70188F57284413889FADB9D722E2C01EC971A2A84108B8768854C8673F7EE096BD41ED68A84708F5EAC0343C7A8ED6

  • server_id

    A83B77A5DF7430CCF87EA742D536FFB48DADA0D76FBA37E38D80B84D7D3C2299A343497F112AF2813E143A71E1E506E0

  • wss

    wss://VMMeshCentral.valcousa.valcocincinnatiinc.com:443/agent.ashx

Targets

    • Target

      2024-12-29_3394eb5aeb23a2f64ae7839d79ead479_ismagent_ryuk_sliver

    • Size

      3.2MB

    • MD5

      3394eb5aeb23a2f64ae7839d79ead479

    • SHA1

      a921e444db25989c4344054e47f1498bf8aa1401

    • SHA256

      5ebdaa45ee3d69e2c70cf58856e8200727593746e3d77a001a828051ea6d94f1

    • SHA512

      a297ef199ca9799ee23707c6a1af3752968a7bae57a72d5f17fdcfe651c73da89d2adf657b81927bcc16de77e17ee0570fa9fe64ed1f00150b36f9a17aa3453c

    • SSDEEP

      49152:w0yAXvucS6SnbZVlxyZH0XAaCx5OX9ZO/xtEfOfzMFvfDTtKjkVE+ubDw8litYOw:zvg6ClrBCjec+OfAK7DuYOQB

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks