Overview

overview

10

Static

static

10

2025-02-01...er.exe

windows7-x64

1

2025-02-01...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-02-01_d9caf5af0fa962bb7f6418b308312913_ismagent_ryuk_sliver

  • Size

    3.2MB

  • Sample

    250201-y8qlxsypcs

  • MD5

    d9caf5af0fa962bb7f6418b308312913

  • SHA1

    379cd55d34821f4e06e7c9412614c4b4f04b1625

  • SHA256

    208f8c977a5ae48205717fedcf24e05e15c5aabbe2f642ec8d7ca98be32ce669

  • SHA512

    7d9ea8f8ed460ce1bb25cd8ba3b0d87e09de2d9bf0b0f5b0de7f75612147cc70e675df1b7caa6cbd3176ebff42e113e91c5b7be29162a23593bef83fd8b3f3d2

  • SSDEEP

    49152:Z6Fva8Z3jsWlwddWq2qWDtywom4cVmxvAxLz/BViY36MFvf+QRQ0e11UOrdR852t:M7jxNqP/GmIzv3JQjv8Qt

Score
10/10
meshagenttheduderides

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

theduderides

C2

http://meshcentral.com:443/agent.ashx

Attributes
  • mesh_id

    0xDF6CFC6927799382F1DA78A7E2C5C2B0FB238B2C2635DA96FEBB387465E7FE2320F24FE11B13C9E0FA37CB4250379B70

  • server_id

    D01B0463C0C9E38D81254F7B22DD4DAD848302AEF186BFCFF1D61F4F73846D6F8C8C94D01D3CF1EACA3836F8E5D316A4

  • wss

    wss://meshcentral.com:443/agent.ashx

Targets

    • Target

      2025-02-01_d9caf5af0fa962bb7f6418b308312913_ismagent_ryuk_sliver

    • Size

      3.2MB

    • MD5

      d9caf5af0fa962bb7f6418b308312913

    • SHA1

      379cd55d34821f4e06e7c9412614c4b4f04b1625

    • SHA256

      208f8c977a5ae48205717fedcf24e05e15c5aabbe2f642ec8d7ca98be32ce669

    • SHA512

      7d9ea8f8ed460ce1bb25cd8ba3b0d87e09de2d9bf0b0f5b0de7f75612147cc70e675df1b7caa6cbd3176ebff42e113e91c5b7be29162a23593bef83fd8b3f3d2

    • SSDEEP

      49152:Z6Fva8Z3jsWlwddWq2qWDtywom4cVmxvAxLz/BViY36MFvf+QRQ0e11UOrdR852t:M7jxNqP/GmIzv3JQjv8Qt

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks