meshagent | 33ea13671b1d96ace494272af88197d522db117f6df562a73ed71bdaec64a02b | Triage

Sharing

General

Target

2025-02-17_a34bbcd7868db9e84f574b3ad912f359_ismagent_ryuk_sliver
Size

3.3MB
Sample

250217-1fep3atlew
MD5

a34bbcd7868db9e84f574b3ad912f359
SHA1

f390e27ce7113b1ce485fabc249d607c33108738
SHA256

33ea13671b1d96ace494272af88197d522db117f6df562a73ed71bdaec64a02b
SHA512

9adc92ce88e6242751e525bb875939fa9b02f900181e622858891e5d2e06c254268487a76167d724d55856eb9c9572122362abaacaeb02acf899fa932e8eb3c7
SSDEEP

49152:DX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QE:DlRsZ47/QXoHUOfAoj1x6E

Score

10^/10

meshagent homewatch

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Homewatch

C2

http://mesh.mcait.net:443/agent.ashx

Attributes

mesh_id
0x0F1C4557142B087690F06E9C33291D560B0D90C8594D2C894515B38CC8C60A9E82FD367B2FAED3B50289FE9C1C11FDE9
server_id
685BFF97A9A596554D25324908EB40593075F94C3FC35C6092AD96BD1512E3E782EC64BB8B7236A920682A49F84DC275
wss
wss://mesh.mcait.net:443/agent.ashx

Targets

- Target
  
  2025-02-17_a34bbcd7868db9e84f574b3ad912f359_ismagent_ryuk_sliver
- Size
  
  3.3MB
- MD5
  
  a34bbcd7868db9e84f574b3ad912f359
- SHA1
  
  f390e27ce7113b1ce485fabc249d607c33108738
- SHA256
  
  33ea13671b1d96ace494272af88197d522db117f6df562a73ed71bdaec64a02b
- SHA512
  
  9adc92ce88e6242751e525bb875939fa9b02f900181e622858891e5d2e06c254268487a76167d724d55856eb9c9572122362abaacaeb02acf899fa932e8eb3c7
- SSDEEP
  
  49152:DX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QE:DlRsZ47/QXoHUOfAoj1x6E
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

homewatchmeshagent

behavioral1

behavioral2