Overview

overview

10

Static

static

10

2025-01-10...er.exe

windows7-x64

1

2025-01-10...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-10_fec9c15e68ea359f037425b3f9e1f3f7_ismagent_ryuk_sliver

  • Size

    3.2MB

  • Sample

    250110-cjp37syjes

  • MD5

    fec9c15e68ea359f037425b3f9e1f3f7

  • SHA1

    f2b28f5bc0ad818a086d6f91e2f6680de6a76f6d

  • SHA256

    e56f349a8560972c05557646abe3d9640f959a1d2064985a373f00e9b14d5f21

  • SHA512

    2326d76887163b348b8b9bb5872533b881774a88513b5d73681d473325cfa7fe8ff7f288e43b0cce4030ebcc51784d2d24537306f17bbccdf4981c55da44bcff

  • SSDEEP

    49152:ZX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe4:ZlRsZ47/QXoHUOfAoj1D

Score
10/10
meshagentnetworks

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Networks

C2

http://mlops.githubapp.net:443/agent.ashx

Attributes
  • mesh_id

    0x5AFDF8E1C25512374E2749438497687E7231B964A4EFEA4CC2D17D46AE2D8235A841A3E2AE3F4A06308F5BEC3D646AEA

  • server_id

    0A2EC4A0B2295C840E06DD219E5A94C8D92D6295041C4A8F8E598A86A819EE7E835C64AACC1B77833EABED29EC48DB1C

  • wss

    wss://mlops.githubapp.net:443/agent.ashx

Targets

    • Target

      2025-01-10_fec9c15e68ea359f037425b3f9e1f3f7_ismagent_ryuk_sliver

    • Size

      3.2MB

    • MD5

      fec9c15e68ea359f037425b3f9e1f3f7

    • SHA1

      f2b28f5bc0ad818a086d6f91e2f6680de6a76f6d

    • SHA256

      e56f349a8560972c05557646abe3d9640f959a1d2064985a373f00e9b14d5f21

    • SHA512

      2326d76887163b348b8b9bb5872533b881774a88513b5d73681d473325cfa7fe8ff7f288e43b0cce4030ebcc51784d2d24537306f17bbccdf4981c55da44bcff

    • SSDEEP

      49152:ZX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe4:ZlRsZ47/QXoHUOfAoj1D

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks