meshagent | 34c8963e2fe1481d7b510089e0d6f957b058527a1e23f23eee64d4e59c4d47c9 | Triage

Sharing

General

Target

34c8963e2fe1481d7b510089e0d6f957b058527a1e23f23eee64d4e59c4d47c9.exe
Size

3.3MB
Sample

250208-lfww1swrbz
MD5

595429672bbb730ca6f776bb46249bf3
SHA1

edd8f3f105de94e7bf7e11e5ff889779ea50934f
SHA256

34c8963e2fe1481d7b510089e0d6f957b058527a1e23f23eee64d4e59c4d47c9
SHA512

93bc007c0ddd49320496e8b5d2932507fc63662f1d01a82691afd7b4fc3d719ca27ba9e4be46d51246dceafa681baf11993979278bed35b18a4d891af6e7e280
SSDEEP

49152:sX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qi:slRsZ47/QXoHUOfAoj1x6i

Score

10^/10

meshagent pc discovery

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

PC

Attributes

mesh_id
0x7A45E23863D6150D121FCE68BA8874E3C83F87FF33B28774D30452A62E648FF2DF045C108D1CE369B8001BE65AB79195
server_id
9FD1AFC9F3B99A9221F72A3D4994257A7F21416091E7A622D9B757787E5BF40D3D42C449A5BD7E9D2487D015E208B2F3
wss
localhost

Targets

- Target
  
  34c8963e2fe1481d7b510089e0d6f957b058527a1e23f23eee64d4e59c4d47c9.exe
- Size
  
  3.3MB
- MD5
  
  595429672bbb730ca6f776bb46249bf3
- SHA1
  
  edd8f3f105de94e7bf7e11e5ff889779ea50934f
- SHA256
  
  34c8963e2fe1481d7b510089e0d6f957b058527a1e23f23eee64d4e59c4d47c9
- SHA512
  
  93bc007c0ddd49320496e8b5d2932507fc63662f1d01a82691afd7b4fc3d719ca27ba9e4be46d51246dceafa681baf11993979278bed35b18a4d891af6e7e280
- SSDEEP
  
  49152:sX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qi:slRsZ47/QXoHUOfAoj1x6i
Score

8^/10

discovery
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2