Overview

overview

10

Static

static

10

2025-01-20...er.exe

windows7-x64

1

2025-01-20...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-20_779a16f29553f43ca79a3098c8cb9aaf_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250120-ppvbbsyqgr

  • MD5

    779a16f29553f43ca79a3098c8cb9aaf

  • SHA1

    7df51d6c8a3e4f9941883ce16fc901c047f84a3f

  • SHA256

    b8bc875e06c71a6aaa2fb1b3e0273b16ec4d2aed0d5a4aee67eac2e4ab87494a

  • SHA512

    11a1b9708b96185e667f4d095c16f1122e34bd28fcdb9fbf43423cdc9507c93f07edd0c982886b490c287c5506fceda1816ca134b255229857814da62c47d06b

  • SSDEEP

    49152:nX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QO:nlRsZ47/QXoHUOfAoj1x6O

Score
10/10
meshagentgeneral

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

General

C2

http://msh.pc-support.uk.com:443/agent.ashx

Attributes
  • mesh_id

    0xA43F351184D657762D7553FE58C1B31B1811222EA622ED224FD27A4EE9D43C43836348C30E9827FF8D8ACF4C4F7A2CFB

  • server_id

    4FE69704F35C7E241BCF6EE81C9E3D44015DE7AE8FE2FD11E2A9F1085E5C2A17652ED2FD68CD583DF26330555385DAC3

  • wss

    wss://msh.pc-support.uk.com:443/agent.ashx

Targets

    • Target

      2025-01-20_779a16f29553f43ca79a3098c8cb9aaf_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      779a16f29553f43ca79a3098c8cb9aaf

    • SHA1

      7df51d6c8a3e4f9941883ce16fc901c047f84a3f

    • SHA256

      b8bc875e06c71a6aaa2fb1b3e0273b16ec4d2aed0d5a4aee67eac2e4ab87494a

    • SHA512

      11a1b9708b96185e667f4d095c16f1122e34bd28fcdb9fbf43423cdc9507c93f07edd0c982886b490c287c5506fceda1816ca134b255229857814da62c47d06b

    • SSDEEP

      49152:nX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QO:nlRsZ47/QXoHUOfAoj1x6O

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks