Overview

overview

10

Static

static

10

2025-01-21...er.exe

windows7-x64

1

2025-01-21...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-21_ad3f2be91eb1acce75e87f2f5373271d_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250121-w4z9fswnf1

  • MD5

    ad3f2be91eb1acce75e87f2f5373271d

  • SHA1

    6275cbe930d497c16246717ff5d8d624080e4b63

  • SHA256

    e64e9a4c9e7a5c334c37bd794e06d621e57b4c69af5b4378930cf07d07729ba6

  • SHA512

    6dcfa116537612c450429ec2ac563192c8868a6467bfe85e4d1989973f2255ff312ec6c2cbd67e8484476c12c475542fef0ac35502cd72d450e225c1805c1e9f

  • SSDEEP

    49152:sX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QU:slRsZ47/QXoHUOfAoj1x6U

Score
10/10
meshagenttacticalrmm

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

TacticalRMM

C2

http://mesh.idnnov.com:443/agent.ashx

Attributes
  • mesh_id

    0xD6C236125D3B017A391F998A0564A13D50133360E77323521FB66E3348CE4D9243CA7731D4DD5238393F6B761530913F

  • server_id

    6F89AB0DE1DEA2EECF7DBA518473B22DE0B1AAD47C246ACA7B22A5C455F011AC9D553FE11AC68FFBBBF8FC01972AA119

  • wss

    wss://mesh.idnnov.com:443/agent.ashx

Targets

    • Target

      2025-01-21_ad3f2be91eb1acce75e87f2f5373271d_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      ad3f2be91eb1acce75e87f2f5373271d

    • SHA1

      6275cbe930d497c16246717ff5d8d624080e4b63

    • SHA256

      e64e9a4c9e7a5c334c37bd794e06d621e57b4c69af5b4378930cf07d07729ba6

    • SHA512

      6dcfa116537612c450429ec2ac563192c8868a6467bfe85e4d1989973f2255ff312ec6c2cbd67e8484476c12c475542fef0ac35502cd72d450e225c1805c1e9f

    • SSDEEP

      49152:sX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QU:slRsZ47/QXoHUOfAoj1x6U

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks