Overview

overview

10

Static

static

10

2025-02-04...er.exe

windows7-x64

1

2025-02-04...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-02-04_28f5a29d9fcd7c5345e203fed2018c47_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250204-ezy26awren

  • MD5

    28f5a29d9fcd7c5345e203fed2018c47

  • SHA1

    019a66f0880f706ed4762d51662e3f41860f878c

  • SHA256

    173376ed281449bf76798bed1d40be58d95a2f668c1e39a059d7feee5635ab4f

  • SHA512

    7026fb65f5905a4105e181ad852d5cbfdc0175e32064e69b3f5796d60057f3e01d1a4266cdc686d7dd607daa934badffddd2f95f7113b4750f7e1c942d20052d

  • SSDEEP

    49152:lX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QE:llRsZ47/QXoHUOfAoj1x6E

Score
10/10
meshagenthome

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Home

C2

http://mesh.supportportal.org:443/agent.ashx

Attributes
  • mesh_id

    0x2DC7A6C562090F54156CDE7B25CA726AEFE86D69940E21ED73961B35116BBCFC2141BB30B387DB56AC5D017B6D37C013

  • server_id

    CF66A1EA12E03F8BD53502684CA2D6914B478A8F457CBF887A2D0FEBDC328716C384698866CC7BE257C6319D41D6965C

  • wss

    wss://mesh.supportportal.org:443/agent.ashx

Targets

    • Target

      2025-02-04_28f5a29d9fcd7c5345e203fed2018c47_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      28f5a29d9fcd7c5345e203fed2018c47

    • SHA1

      019a66f0880f706ed4762d51662e3f41860f878c

    • SHA256

      173376ed281449bf76798bed1d40be58d95a2f668c1e39a059d7feee5635ab4f

    • SHA512

      7026fb65f5905a4105e181ad852d5cbfdc0175e32064e69b3f5796d60057f3e01d1a4266cdc686d7dd607daa934badffddd2f95f7113b4750f7e1c942d20052d

    • SSDEEP

      49152:lX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QE:llRsZ47/QXoHUOfAoj1x6E

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks