Overview

overview

10

Static

static

10

2025-01-29...er.exe

windows7-x64

1

2025-01-29...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-29_863a3f6013bf39a10b8fe0de5422a443_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250129-x4xn1awlfk

  • MD5

    863a3f6013bf39a10b8fe0de5422a443

  • SHA1

    a0633a4b006b4ad651716f41427841b0d949a568

  • SHA256

    fb3b448e3d56c87ef2962a8e81332afdf7838387e720061e6ff3fc974dd5a988

  • SHA512

    0b7f151a9e2fdfb599088d3d500ec1513703e4adcfff5b8a006601b178f7f0601e9bc02631b70cf9a634d55873095a87a508efc09b2ef90c7cf7b12527855259

  • SSDEEP

    49152:bX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QJ:blRsZ47/QXoHUOfAoj1x6J

Score
10/10
meshagenttest machines

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Test Machines

C2

http://meshcentral.eatoncomp.com:443/agent.ashx

Attributes
  • mesh_id

    0x2BF8CE5A4329BF54BCADDCB1BAEB5B75D0EF48BAF35D03102B5BFF2BA8BB02C4C8B1A735D832B42F2DAF5F9B37138473

  • server_id

    972148C9B53BA2F860461FCA91494F0D5B138B44D1DCCECEF14DF86E8C1C8877B33B264182B77D692E73B4F2D403B98E

  • wss

    wss://meshcentral.eatoncomp.com:443/agent.ashx

Targets

    • Target

      2025-01-29_863a3f6013bf39a10b8fe0de5422a443_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      863a3f6013bf39a10b8fe0de5422a443

    • SHA1

      a0633a4b006b4ad651716f41427841b0d949a568

    • SHA256

      fb3b448e3d56c87ef2962a8e81332afdf7838387e720061e6ff3fc974dd5a988

    • SHA512

      0b7f151a9e2fdfb599088d3d500ec1513703e4adcfff5b8a006601b178f7f0601e9bc02631b70cf9a634d55873095a87a508efc09b2ef90c7cf7b12527855259

    • SSDEEP

      49152:bX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QJ:blRsZ47/QXoHUOfAoj1x6J

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks