meshagent | 95424f5631d81844dffd48c4b8186781b9c687752e25d67172dbb5ce17c56fc2 | Triage

Sharing

General

Target

2025-01-09_9779d90863c67d9367f48b3b65017b57_ismagent_ryuk_sliver
Size

3.3MB
Sample

250109-rqmzratpgq
MD5

9779d90863c67d9367f48b3b65017b57
SHA1

58dc9ee21378278a5649586dfc9fdbb00de1f216
SHA256

95424f5631d81844dffd48c4b8186781b9c687752e25d67172dbb5ce17c56fc2
SHA512

421c760afc4b0f8eff01188b02441a76ddfc4df250733417eb21c0bc927fa38a2e6822aff4b5ad0b59e0ac78e5620defb7ab6e1dd6782f0684cfe0d09c19aceb
SSDEEP

49152:yX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QC:ylRsZ47/QXoHUOfAoj1x6C

Score

10^/10

meshagent francis_teyssier_06-15-20-38-57

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Francis_TEYSSIER_06-15-20-38-57

C2

http://meshcentral.teyssier.ovh:443/agent.ashx

Attributes

mesh_id
0xA2C23A6A09D3C5242046B2ECF43139803EB71D45F1166E71E80898568F0F090285EC64824103E3E84F3DB5BBF946AC0A
server_id
8ABCDA67361BE39A40832C47FC07AE51E55A619C45A3E378128675D7E22D8CDF20D0F933C2D58318B250167ED01DE772
wss
wss://meshcentral.teyssier.ovh:443/agent.ashx

Targets

- Target
  
  2025-01-09_9779d90863c67d9367f48b3b65017b57_ismagent_ryuk_sliver
- Size
  
  3.3MB
- MD5
  
  9779d90863c67d9367f48b3b65017b57
- SHA1
  
  58dc9ee21378278a5649586dfc9fdbb00de1f216
- SHA256
  
  95424f5631d81844dffd48c4b8186781b9c687752e25d67172dbb5ce17c56fc2
- SHA512
  
  421c760afc4b0f8eff01188b02441a76ddfc4df250733417eb21c0bc927fa38a2e6822aff4b5ad0b59e0ac78e5620defb7ab6e1dd6782f0684cfe0d09c19aceb
- SSDEEP
  
  49152:yX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QC:ylRsZ47/QXoHUOfAoj1x6C
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

francis_teyssier_06-15-20-38-57meshagent

behavioral1

behavioral2