General

  • Target

    2025-01-15_2d02d393d2b5f82b001f39f5e44b69a3_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250115-ezsv5sspgn

  • MD5

    2d02d393d2b5f82b001f39f5e44b69a3

  • SHA1

    b6a631c44f9c28d8cceaa5f7baaccd914c12924c

  • SHA256

    9cb6c971f5df94f62ecc4baf5e053916d90003f9d7487f3ecac145955e61ff3e

  • SHA512

    0b16c834939313e29c1c00ba083ed97cfc5fe3f075d9ddd8bb6ecc66eba666d536aff8c83b2971bcd34243869a7ceb8fee8dceb8ee1210b1fac60e6b0f578e23

  • SSDEEP

    49152:0X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qw:0lRsZ47/QXoHUOfAoj1x6w

Score
10/10

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Staging

C2

http://lw0mllg7y89xkio.aleeacademy.org:443/agent.ashx

Attributes
  • mesh_id

    0xFE423B0D607D650FB6940AE4483249BF3E6996DD274D697B23F83BCB9DD4D4D5987A44AC982BD0159D2894BBE8E46564

  • server_id

    727FD3CCAB7B0FAA04ED848DAF78D8271D88ABA89A62434EF0367122BEA1FA836DF91BD3BDBF31324E1687F5E7D6FDC5

  • wss

    wss://lw0mllg7y89xkio.aleeacademy.org:443/agent.ashx

Targets

    • Target

      2025-01-15_2d02d393d2b5f82b001f39f5e44b69a3_ismagent_ryuk_sliver

    Score
    1/10
