meshagent | b0864ce7e2b0cd17dca5d0698141ba3ac15f993ffc0a742c856a7aeedf8f90da | Triage

Sharing

General

Target

2025-02-02_146e9d08aa702f6f1ac0f9e0f1b89ca6_ismagent_ryuk_sliver
Size

3.3MB
Sample

250202-mvmsbszpbm
MD5

146e9d08aa702f6f1ac0f9e0f1b89ca6
SHA1

b1d166a1047804c3c0815ddfff445103f69a41eb
SHA256

b0864ce7e2b0cd17dca5d0698141ba3ac15f993ffc0a742c856a7aeedf8f90da
SHA512

081e2d5d730789e6292f3d137c43e3982f5074c3ab9ae344ed4b5d5d215da3189a64b143f2c106e79c5c8850a5477b7553978b3febc18d6907de9f6f9603fad2
SSDEEP

49152:WX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QS:WlRsZ47/QXoHUOfAoj1x6S

Score

10^/10

meshagent davis family computers

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Davis Family Computers

C2

http://rmm.ryannealdavis.com:443/agent.ashx

Attributes

mesh_id
0x34C514C29DADF84E5D7C97888A46C46528982052FCBF3D289EAAA983F16BA66AF3765F959863BB9B84EF38CB72D08EE7
server_id
1AB86B24C646234DDB0E6CA09254DC16E7323DA59EE803DFDCFF93BC0ED1FE428828B8F8DA9044218DA0ADF391178EB5
wss
wss://rmm.ryannealdavis.com:443/agent.ashx

Targets

- Target
  
  2025-02-02_146e9d08aa702f6f1ac0f9e0f1b89ca6_ismagent_ryuk_sliver
- Size
  
  3.3MB
- MD5
  
  146e9d08aa702f6f1ac0f9e0f1b89ca6
- SHA1
  
  b1d166a1047804c3c0815ddfff445103f69a41eb
- SHA256
  
  b0864ce7e2b0cd17dca5d0698141ba3ac15f993ffc0a742c856a7aeedf8f90da
- SHA512
  
  081e2d5d730789e6292f3d137c43e3982f5074c3ab9ae344ed4b5d5d215da3189a64b143f2c106e79c5c8850a5477b7553978b3febc18d6907de9f6f9603fad2
- SSDEEP
  
  49152:WX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QS:WlRsZ47/QXoHUOfAoj1x6S
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

davis family computersmeshagent

behavioral1

behavioral2