Overview

overview

10

Static

static

10

2025-02-24...er.exe

windows7-x64

1

2025-02-24...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-02-24_10f9c413c0caf2fb55da6f855fa358e5_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250224-wzw18sxlw8

  • MD5

    10f9c413c0caf2fb55da6f855fa358e5

  • SHA1

    1828758888afcf91a4db79e5e24ee0c9519632a6

  • SHA256

    bc76e6b3320364cddd27eb7011438760039a3dc593f78828f3871000a9323452

  • SHA512

    3e541664797fbe95af0fcf3b3a5aa842133f9d5d2063ddf6b497006dc9652e68012084de672e2c8736a8fe0f9aef99cddd7af8dda755dfb6a504751ccc7be4fc

  • SSDEEP

    49152:cX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qt:clRsZ47/QXoHUOfAoj1x6t

Score
10/10
meshagenttacticalrmm

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

TacticalRMM

C2

http://mesh.booksread.online:443/agent.ashx

Attributes
  • mesh_id

    0x7E3D15EF94054BF624B79028B3944307A91D5E290C32EB99CCD82D99265B775DCFDDCDC631B48A9DC0EB3519B381F276

  • server_id

    618A0AA61685AAE3C96E0197851C2E5F517DF9D1F0DA1C2DF5315E31D6D1FEC57C219DEA9FAB6ADD48CBE7C56005DCBE

  • wss

    wss://mesh.booksread.online:443/agent.ashx

Targets

    • Target

      2025-02-24_10f9c413c0caf2fb55da6f855fa358e5_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      10f9c413c0caf2fb55da6f855fa358e5

    • SHA1

      1828758888afcf91a4db79e5e24ee0c9519632a6

    • SHA256

      bc76e6b3320364cddd27eb7011438760039a3dc593f78828f3871000a9323452

    • SHA512

      3e541664797fbe95af0fcf3b3a5aa842133f9d5d2063ddf6b497006dc9652e68012084de672e2c8736a8fe0f9aef99cddd7af8dda755dfb6a504751ccc7be4fc

    • SSDEEP

      49152:cX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qt:clRsZ47/QXoHUOfAoj1x6t

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks