Overview

overview

10

Static

static

10

2025-02-17...er.exe

windows7-x64

1

2025-02-17...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-02-17_a622388ee1c1bcc805cffc1caf451265_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250217-1dwwkatlcy

  • MD5

    a622388ee1c1bcc805cffc1caf451265

  • SHA1

    b7c81a6c9731390d6122478126f376e6f5284bf7

  • SHA256

    93bdbf4b3d3cac5d003266d0a43c86d8e377b67a0b51f5e411301dcbdf564b2e

  • SHA512

    c35406fe9b80f1973f50eab8418f29d01913cc8e9b9cee201b5e7a9bfae3dbfb99b614bd3ec7ea6786aaae18df65cf4b0ca38f6fed12ebde20773793c6cc4c46

  • SSDEEP

    49152:7X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qo:7lRsZ47/QXoHUOfAoj1x6o

Score
10/10
meshagentrippe

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Rippe

C2

http://mesh.mcait.net:443/agent.ashx

Attributes
  • mesh_id

    0x5D9CF9394CE836D392B15390695C113773CBA993853CD805CB3C7E46B1AFEDFABBAC68196986C52AD1C9D5BBDDBDD6F4

  • server_id

    685BFF97A9A596554D25324908EB40593075F94C3FC35C6092AD96BD1512E3E782EC64BB8B7236A920682A49F84DC275

  • wss

    wss://mesh.mcait.net:443/agent.ashx

Targets

    • Target

      2025-02-17_a622388ee1c1bcc805cffc1caf451265_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      a622388ee1c1bcc805cffc1caf451265

    • SHA1

      b7c81a6c9731390d6122478126f376e6f5284bf7

    • SHA256

      93bdbf4b3d3cac5d003266d0a43c86d8e377b67a0b51f5e411301dcbdf564b2e

    • SHA512

      c35406fe9b80f1973f50eab8418f29d01913cc8e9b9cee201b5e7a9bfae3dbfb99b614bd3ec7ea6786aaae18df65cf4b0ca38f6fed12ebde20773793c6cc4c46

    • SSDEEP

      49152:7X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qo:7lRsZ47/QXoHUOfAoj1x6o

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks