General

  • Target

    915a9ac1222489326e5ae312ca3365a86587f264794a1b0bdc7f4b18a6de1962.zip

  • Size

    1.8MB

  • Sample

    250208-sp3jgstmcr

  • MD5

    f01c445c26c01996bbcd9125aa92bebb

  • SHA1

    ae8b7e42dced4f4998bae197643276f335b690c2

  • SHA256

    487dbf672aae6a0d03f819409c587052106c5e15430cf8948762f77da109ccf6

  • SHA512

    f88ebc3c8121a0ef87fc0c97dd19f42e2a7b17a6d4f69849690ff9b4f091bee25d5ad3dbc021661282f53cfbbd618e61373bc650dc30d5529d77cd36bebf24ac

  • SSDEEP

    49152:u98X4iKKjVFim11+odn8iKG1THBnsRZDucquOsZ93vZSkRNamcK:u98zKKju+1+o1DuLRhZBnomL

Malware Config

Extracted

  • Family

    meshagent

  • Version

    2

  • Botnet

    China-work

  • C2

    http://al3b.duckdns.org:443/agent.ashx

Attributes
  • mesh_id

    0xAFF136F060360F28769D7B7498B6137CD4DEC82BEBABA4F01BA003C8AF4327C230B79ECCDEEBADF978820C981A5FB410

  • server_id

    15AC5E4AEE801455641A960026D6C5E6B5C9E400BE3783B5AF0693C185066487AE520043247FB4EE420B2A74648A3BCA

  • wss

    wss://al3b.duckdns.org:443/agent.ashx

Targets

    • Target

      915a9ac1222489326e5ae312ca3365a86587f264794a1b0bdc7f4b18a6de1962.exe

    • Size

      3.7MB

    • MD5

      34bacef5e0b44c55a9b293d0cc67220b

    • SHA1

      c898260acb34f3dd2e7212109282154e15776091

    • SHA256

      915a9ac1222489326e5ae312ca3365a86587f264794a1b0bdc7f4b18a6de1962

    • SHA512

      61a60ab79a50dd7b13ba5c8ca6886fb8501e5ca1de3185d8ccf33e95da3c5422a741c093edf722d5d9d5ac67094313c454182e158203f3a0df68325381b62fea

    • SSDEEP

      49152:F8o8bZjyJVD0s9Mr3XIfRviWkgEOaxfCbCMcXGtSgvZPOQ5Qo:F8o8VOUs9joRbMc2tSW6o

    • Score

      8/10

    • Downloads MZ/PE file
