Overview

overview

10

Static

static

10

2025-01-16...er.exe

windows7-x64

1

2025-01-16...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-16_2d3529783f298a0c17bac2bc3fcf3b26_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250116-sshcqaxlhn

  • MD5

    2d3529783f298a0c17bac2bc3fcf3b26

  • SHA1

    366b13638c9909f21956f166d88a7ad1655e5855

  • SHA256

    a9cc3b572cdb5dfa68ed1ac42725eeed2304b635470a74f2fedb0f17801499dd

  • SHA512

    7d33de52e3c4f19b5bb93b1d1b0507ce627f171f73067903025c15c44620ec0721e035c9ac3dfe3ef57d94ee34506c532ffb00fcc6bbf55ed30cd275091da671

  • SSDEEP

    49152:+X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QS:+lRsZ47/QXoHUOfAoj1x6S

Score
10/10
meshagent2- diger

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

2- Diger

C2

http://support.interpacs.com.tr:443/agent.ashx

Attributes
  • mesh_id

    0x709A7D440C30D733B9B6DA45AD8D37CBCB0058CD00702B633E4496A5BDC65FE34DF238ACE9E9D34A7B2C3F35E9D09835

  • server_id

    5F98FDC8B70F7C767794107EADDADD0FC4644E2AEDEBD3B2EA3B0B68BECC6AD136F15B3F7C11319C9E7172AE39DDBDDB

  • wss

    wss://support.interpacs.com.tr:443/agent.ashx

Targets

    • Target

      2025-01-16_2d3529783f298a0c17bac2bc3fcf3b26_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      2d3529783f298a0c17bac2bc3fcf3b26

    • SHA1

      366b13638c9909f21956f166d88a7ad1655e5855

    • SHA256

      a9cc3b572cdb5dfa68ed1ac42725eeed2304b635470a74f2fedb0f17801499dd

    • SHA512

      7d33de52e3c4f19b5bb93b1d1b0507ce627f171f73067903025c15c44620ec0721e035c9ac3dfe3ef57d94ee34506c532ffb00fcc6bbf55ed30cd275091da671

    • SSDEEP

      49152:+X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QS:+lRsZ47/QXoHUOfAoj1x6S

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks