Overview

overview

10

Static

static

10

2025-02-24...er.exe

windows7-x64

1

2025-02-24...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-02-24_91f189cd2c1f476b8289639d43a7e2f5_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250224-lmrkwavnz3

  • MD5

    91f189cd2c1f476b8289639d43a7e2f5

  • SHA1

    ae64a272b314077774e17b9fc1efbc1f202f042c

  • SHA256

    41493de1dcf8ab49001c03f89c254538fa12c297b80eb609eea26a6601a71d0e

  • SHA512

    0708a2cbb7d515599e8d71f489b59f07020c6cf0fa6547651a2d4bbc739732ef80b5f54d4b165374faad86401c20c3ccebaebab7a67fdd3d667bb2648e6b7ef0

  • SSDEEP

    49152:/X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe35za:/lRsZ47/QXoHUOfAoj1ila

Score
10/10
meshagentemery

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

EMERY

C2

http://meshcentral.qfff.org:443/agent.ashx

Attributes
  • mesh_id

    0xBB9E94C9301B69E4EB71AA19BAC3BF75DD2553E8BDD584A1A8EA0A3524FDBF4FEE955B344A9120E588092A4D1FAA695A

  • server_id

    22054EED70B5DCE3D6E1ED3B03D1C847322B72F5CE24FFC37F97BF9380CC00BD4AD7A9D101425AB02EF380A819DC3578

  • wss

    wss://meshcentral.qfff.org:443/agent.ashx

Targets

    • Target

      2025-02-24_91f189cd2c1f476b8289639d43a7e2f5_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      91f189cd2c1f476b8289639d43a7e2f5

    • SHA1

      ae64a272b314077774e17b9fc1efbc1f202f042c

    • SHA256

      41493de1dcf8ab49001c03f89c254538fa12c297b80eb609eea26a6601a71d0e

    • SHA512

      0708a2cbb7d515599e8d71f489b59f07020c6cf0fa6547651a2d4bbc739732ef80b5f54d4b165374faad86401c20c3ccebaebab7a67fdd3d667bb2648e6b7ef0

    • SSDEEP

      49152:/X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe35za:/lRsZ47/QXoHUOfAoj1ila

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks