Overview

overview

10

Static

static

10

2025-02-14...er.exe

windows7-x64

1

2025-02-14...er.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-02-14_f4560a7d9bc9159937a7120ccd0f9343_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250214-w525fawpfn

  • MD5

    f4560a7d9bc9159937a7120ccd0f9343

  • SHA1

    1a17890db3e5218b0d37445a59c3c8a4ec1f89d2

  • SHA256

    bc329a1421b39afc429e8c31be4518de899dc8272ad3585686b2eb7fbfc086e4

  • SHA512

    938132613785e8b80c33e65d659156daeaf0cdcb2949cd8337ee7fb17ab473bf1d2dab5465f35e46e3e5a678887664d8d900ffdc7ea6403d355a256e68e02976

  • SSDEEP

    49152:yX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qq:ylRsZ47/QXoHUOfAoj1x6q

Score
10/10
meshagentgeneralediscovery

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

GENERALE

C2

http://assistenza.freeddns.org:443/agent.ashx

Attributes
  • mesh_id

    0xBEA8DBFA06B29263BED7C00875E53180B8C15B085BB4E60BA3DE85FAB25D90620FF8D7B04BA5D529058566AD6CF90FAB

  • server_id

    3E56B64F28E1B34667AE83E0220E703ACA41C135A19FE085A00B843BF81DBD9EEF8E628C1E29ABD0B3804C09AC2069AE

  • wss

    wss://assistenza.freeddns.org:443/agent.ashx

Targets

    • Target

      2025-02-14_f4560a7d9bc9159937a7120ccd0f9343_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      f4560a7d9bc9159937a7120ccd0f9343

    • SHA1

      1a17890db3e5218b0d37445a59c3c8a4ec1f89d2

    • SHA256

      bc329a1421b39afc429e8c31be4518de899dc8272ad3585686b2eb7fbfc086e4

    • SHA512

      938132613785e8b80c33e65d659156daeaf0cdcb2949cd8337ee7fb17ab473bf1d2dab5465f35e46e3e5a678887664d8d900ffdc7ea6403d355a256e68e02976

    • SSDEEP

      49152:yX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qq:ylRsZ47/QXoHUOfAoj1x6q

    Score
    8/10
    discovery

    • Downloads MZ/PE file

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks