Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

2025-01-27...er.exe

windows7-x64

1

2025-01-27...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-27_733ce5a04845e502eb7f56a7c18fcd06_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250127-sbyclsvkak

  • MD5

    733ce5a04845e502eb7f56a7c18fcd06

  • SHA1

    ec0be6277692f76f4fdce949456295abd0992eb7

  • SHA256

    938757e74476831c68c93dc6e99572d05a4a708c072dfb829a470f6e10395463

  • SHA512

    d6a4c74f45b12a564953f8b814558e585c3c82a5a68a61d66d4ef1a9a5fc171e12e5f2a8606757ee3e5bb8f79db60ee2b068fce11791c193bebc4f942afbea39

  • SSDEEP

    49152:iX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQeN5Q:ilRsZ47/QXoHUOfAoj1Ia

Score
10/10
meshagentboxer

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

BOXER

C2

http://paxt0.com:443/agent.ashx

Attributes
  • mesh_id

    0xC50D17722E3E43B7CF248C2038B06E852AC57EA4EF7A055A27C63F94C3E437DD941F265339FCC185A84B518E5B0A25B6

  • server_id

    9532697E003A1217270D21486640D1CCF958760BBC1166677E052A0128B09A061B8B84DED861C317F2470D776EA9FEDA

  • wss

    wss://paxt0.com:443/agent.ashx

Targets

    • Target

      2025-01-27_733ce5a04845e502eb7f56a7c18fcd06_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      733ce5a04845e502eb7f56a7c18fcd06

    • SHA1

      ec0be6277692f76f4fdce949456295abd0992eb7

    • SHA256

      938757e74476831c68c93dc6e99572d05a4a708c072dfb829a470f6e10395463

    • SHA512

      d6a4c74f45b12a564953f8b814558e585c3c82a5a68a61d66d4ef1a9a5fc171e12e5f2a8606757ee3e5bb8f79db60ee2b068fce11791c193bebc4f942afbea39

    • SSDEEP

      49152:iX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQeN5Q:ilRsZ47/QXoHUOfAoj1Ia

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks