Overview

overview

10

Static

static

10

2025-02-02...er.exe

windows7-x64

1

2025-02-02...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-02-02_934a99332282037d9f615062166307b3_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250202-2azcyszphs

  • MD5

    934a99332282037d9f615062166307b3

  • SHA1

    a7e0462e181cc5a27c8cb1d6ef3c66b65c1d9fec

  • SHA256

    f2dfa69e97658c77481ea9502e84da622a6eaf47a472e8be03781f546cd999e2

  • SHA512

    fcaa078e97bf6e21ba0adb0eba38cce619eff0ee1d6ec2deeebdd80bbd1225f518ef65b095d361c8309b1af7b1bfcc80ae037c62f4db4728994acb5b46caf1ea

  • SSDEEP

    49152:FdZEy2B6vflQf6X8uZQoy3vR6QVQy5Z+bm4M/HMFvfGW0/wZ7IbOjxw579:3HvfGfZvZj1/N/z/Awp9

Score
10/10
meshagentplausibility

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Plausibility

C2

http://mesh.plausibility.cloud:443/agent.ashx

Attributes
  • mesh_id

    0x914A5C410C08A7FC2805101BA2CD4BDD32C9553939E5F18C1044D26B3CDDAF5951B652D74A04F210C7A32CFC20D7D321

  • server_id

    C02E4294E9060F4631A06DE8435F979D15F6E777C5FCD478FA5A52996EB5339E15E17DCC92B00E30A548FB4BA87E541C

  • wss

    wss://mesh.plausibility.cloud:443/agent.ashx

Targets

    • Target

      2025-02-02_934a99332282037d9f615062166307b3_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      934a99332282037d9f615062166307b3

    • SHA1

      a7e0462e181cc5a27c8cb1d6ef3c66b65c1d9fec

    • SHA256

      f2dfa69e97658c77481ea9502e84da622a6eaf47a472e8be03781f546cd999e2

    • SHA512

      fcaa078e97bf6e21ba0adb0eba38cce619eff0ee1d6ec2deeebdd80bbd1225f518ef65b095d361c8309b1af7b1bfcc80ae037c62f4db4728994acb5b46caf1ea

    • SSDEEP

      49152:FdZEy2B6vflQf6X8uZQoy3vR6QVQy5Z+bm4M/HMFvfGW0/wZ7IbOjxw579:3HvfGfZvZj1/N/z/Awp9

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks