Overview

overview

10

Static

static

10

2025-02-21...er.exe

windows7-x64

1

2025-02-21...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-02-21_7ae0a1792b3b4f08058dee62e69de2e0_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250221-m2nyzaslx7

  • MD5

    7ae0a1792b3b4f08058dee62e69de2e0

  • SHA1

    a77e78a8641255c53d5fce6e508bdba0b456f391

  • SHA256

    29cbf2d02818809ba4125c50ae1ddc25496c331622acc08ea4a1aeac883b9df1

  • SHA512

    47c3d6eb2112193c8f18d6675162af5aec21db8a382e1c6fd36b862cff2d514fa71cfbec7880cf117d78bc3e72fd2900f19e6c621b3513dc4d20cb7a21bd48e7

  • SSDEEP

    49152:rX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QF:rlRsZ47/QXoHUOfAoj1x6F

Score
10/10
meshagentnew remote

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

New remote

C2

http://flancer.micomputer.support:443/agent.ashx

Attributes
  • mesh_id

    0x40BAC3D4ED54CD48DF738147F490FDB33684EF8DD6FD1D4FB7AF344FECFBCBE887EDA461A86DB77BB4CFAEABBA1193D5

  • server_id

    705959748BD21700D70DF3A655C1FE9757DD8BC3F6057884E9A0247289DEC4CA0187D2D13EA412489AFEE714C7AB77A2

  • wss

    wss://flancer.micomputer.support:443/agent.ashx

Targets

    • Target

      2025-02-21_7ae0a1792b3b4f08058dee62e69de2e0_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      7ae0a1792b3b4f08058dee62e69de2e0

    • SHA1

      a77e78a8641255c53d5fce6e508bdba0b456f391

    • SHA256

      29cbf2d02818809ba4125c50ae1ddc25496c331622acc08ea4a1aeac883b9df1

    • SHA512

      47c3d6eb2112193c8f18d6675162af5aec21db8a382e1c6fd36b862cff2d514fa71cfbec7880cf117d78bc3e72fd2900f19e6c621b3513dc4d20cb7a21bd48e7

    • SSDEEP

      49152:rX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QF:rlRsZ47/QXoHUOfAoj1x6F

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks