Overview

overview

10

Static

static

10

2025-01-14...er.exe

windows7-x64

1

2025-01-14...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-14_82eb34d34a69b392274c06c1c9be6d6e_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250114-t57zkssrdt

  • MD5

    82eb34d34a69b392274c06c1c9be6d6e

  • SHA1

    33bfe2bb0efc21ecf879736649ff879ec3a58ddd

  • SHA256

    09dad3ec1135cf02ed9df7b7905a5170d51b30efbeec4257f7f5fbaf4cea36b7

  • SHA512

    6f024b080cf7f6867792a2cb9348c417cbade5e3d228373c46ab2c0c70021bf7412f9e06fb684d63868703380333248d6568d877dcc309f2cbd3849f4f1f1615

  • SSDEEP

    49152:CX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qc:ClRsZ47/QXoHUOfAoj1x6c

Score
10/10
meshagenttacticalrmm

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

TacticalRMM

C2

http://mesh.tac.precisiontechnology.co.za:443/agent.ashx

Attributes
  • mesh_id

    0x5F81098E95491822750E90D83E920BAEF592E52ECE22FDA58578D1ED9250BD7D22A679660819C334D1FEF408E51082EE

  • server_id

    A4E3D527A8DCEB4228B75060122939DDEAE2B1A8B6B3FB183AD7124AFDB65856BF6F06444E803833494927F24894F0A1

  • wss

    wss://mesh.tac.precisiontechnology.co.za:443/agent.ashx

Targets

    • Target

      2025-01-14_82eb34d34a69b392274c06c1c9be6d6e_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      82eb34d34a69b392274c06c1c9be6d6e

    • SHA1

      33bfe2bb0efc21ecf879736649ff879ec3a58ddd

    • SHA256

      09dad3ec1135cf02ed9df7b7905a5170d51b30efbeec4257f7f5fbaf4cea36b7

    • SHA512

      6f024b080cf7f6867792a2cb9348c417cbade5e3d228373c46ab2c0c70021bf7412f9e06fb684d63868703380333248d6568d877dcc309f2cbd3849f4f1f1615

    • SSDEEP

      49152:CX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qc:ClRsZ47/QXoHUOfAoj1x6c

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks