meshagent | a4c848b862e04570007f5e3779733b0c6e3c3623a3ac1744b803619b3281c6e0 | Triage

Sharing

General

Target

2025-02-23_2901ed01d132c70c8ff946cf592907b1_ismagent_ryuk
Size

3.3MB
Sample

250223-pxcfgsynw4
MD5

2901ed01d132c70c8ff946cf592907b1
SHA1

f6edb91bcb41bb59c4344027afc69ec4d1589cad
SHA256

a4c848b862e04570007f5e3779733b0c6e3c3623a3ac1744b803619b3281c6e0
SHA512

a17707917e001cc98c0b8315d40c8b2bf5b36922ddca68b0568541910d538509948ba3bed9a04d5bc44a76ba1ee3c17112ea6d20b361ba422202161b25178656
SSDEEP

49152:jX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQek5n:jlRsZ47/QXoHUOfAoj1N1

Score

10^/10

meshagent microsoft

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

microsoft

C2

http://89723867834278374873489834834.knccztmkifioimuzjhmf.online:443/agent.ashx

Attributes

mesh_id
0x55D2CC4E063D5F5F96D728F6DAB67F6E6D1A27796EED6FAF0480F37AC2AEFBA10408FB51E48F13978FEE692928C9E2D8
server_id
6F0427269E0722107476FB21188DF54DA22F8994D6828B75E7BF253A7F8116834B0DCE49E71F8BDA76EAD86C887C1DFF
wss
wss://89723867834278374873489834834.knccztmkifioimuzjhmf.online:443/agent.ashx

Targets

- Target
  
  2025-02-23_2901ed01d132c70c8ff946cf592907b1_ismagent_ryuk
- Size
  
  3.3MB
- MD5
  
  2901ed01d132c70c8ff946cf592907b1
- SHA1
  
  f6edb91bcb41bb59c4344027afc69ec4d1589cad
- SHA256
  
  a4c848b862e04570007f5e3779733b0c6e3c3623a3ac1744b803619b3281c6e0
- SHA512
  
  a17707917e001cc98c0b8315d40c8b2bf5b36922ddca68b0568541910d538509948ba3bed9a04d5bc44a76ba1ee3c17112ea6d20b361ba422202161b25178656
- SSDEEP
  
  49152:jX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQek5n:jlRsZ47/QXoHUOfAoj1N1
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

microsoftmeshagent

behavioral1

behavioral2