Overview

overview

10

Static

static

10

2025-02-05...er.exe

windows7-x64

1

2025-02-05...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-02-05_ff514470fff67f4651322a1b5a384fca_ismagent_ryuk_sliver

  • Size

    3.2MB

  • Sample

    250205-v5v6fswrby

  • MD5

    ff514470fff67f4651322a1b5a384fca

  • SHA1

    587117152bc0aba2f1cd25e707cac5489a739c55

  • SHA256

    fb11454cd1320e9e4b9bfb33db2a7027947fcbf5bb69142e8d0cd827a477e5c1

  • SHA512

    5d91b07fe47f6e65008b5db02c3f15efad4a9dab845de5a21aa89b488a1725aeb66533a4362a16eb856e7bd7775d464b3c772fbdaae3c3794df07d982a03305d

  • SSDEEP

    49152:o0yAXvucS6SnbZVlxyZH0XAaCx5OX9ZO/xtEfOfzMFvfDTtKjkVE+ubDw8litYOJ:7vg6ClrBCjec+OfAK7DuYOQI

Score
10/10
meshagenttacticalrmm

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

TacticalRMM

C2

http://mesh.novastream.se:443/agent.ashx

Attributes
  • mesh_id

    0x0AA55C4631223AE8DD1A81348A8E80548C7BB042625BC68AC186CA00C1DA3124827C5BED5CC8C0F5C6011F8BA83DF133

  • server_id

    903C3C97481A895084EB427C1018E15F68E3F5FBBB955FDC94213B5997B837F5003A9918E36431EFCA7041877542C2D4

  • wss

    wss://mesh.novastream.se:443/agent.ashx

Targets

    • Target

      2025-02-05_ff514470fff67f4651322a1b5a384fca_ismagent_ryuk_sliver

    • Size

      3.2MB

    • MD5

      ff514470fff67f4651322a1b5a384fca

    • SHA1

      587117152bc0aba2f1cd25e707cac5489a739c55

    • SHA256

      fb11454cd1320e9e4b9bfb33db2a7027947fcbf5bb69142e8d0cd827a477e5c1

    • SHA512

      5d91b07fe47f6e65008b5db02c3f15efad4a9dab845de5a21aa89b488a1725aeb66533a4362a16eb856e7bd7775d464b3c772fbdaae3c3794df07d982a03305d

    • SSDEEP

      49152:o0yAXvucS6SnbZVlxyZH0XAaCx5OX9ZO/xtEfOfzMFvfDTtKjkVE+ubDw8litYOJ:7vg6ClrBCjec+OfAK7DuYOQI

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks