General

  • Target

    2025-02-21_72e53f55ca0a902b1dae90406e4c6e2a_ismagent_ryuk_sliver

  • Size

    3.4MB

  • Sample

    250221-m2wntasly2

  • MD5

    72e53f55ca0a902b1dae90406e4c6e2a

  • SHA1

    f93915fb3bebc7a3d91be31243a607dafe58aa52

  • SHA256

    132470f8782228a6e304270f809a0c65001f68e10917ad38a03817bc2377e99a

  • SHA512

    9b8a891e5507948840e0cb8f2c98dec61a7897ee0e4008214d04723a3c34814014d1473a616f6018ed10ed377a284d721d6be7872ad812f6f0687b1198d3016d

  • SSDEEP

    49152:xX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe75u:xlRsZ47/QXoHUOfAoj1yU

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Darshan-exams

C2

http://certway.in:443/agent.ashx

Attributes
  • mesh_id

    0x3260FF6615E38279C404209F4EC8D0C0D68710134EF06E09F8318A754E6DF50DB2DBD3692F7B0BC16D4237988507E608

  • server_id

    4083E60FD5B40081209EA2DD8FB525611C25F047E51ADA251B4E3E0C195542DD867913ED45F2F926653B9EFF21A51A45

  • wss

    wss://certway.in:443/agent.ashx

Targets

    • Target

      2025-02-21_72e53f55ca0a902b1dae90406e4c6e2a_ismagent_ryuk_sliver

    Score
    1/10
