Overview

overview

10

Static

static

10

2025-02-25...er.exe

windows7-x64

1

2025-02-25...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-02-25_83240479f5e23c6330e43496bb7b6b1c_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250225-vap1ysxky2

  • MD5

    83240479f5e23c6330e43496bb7b6b1c

  • SHA1

    92a28ae37648a8da8be3b3fe8fa8479b07a9d4bd

  • SHA256

    caafc0e421aff786ea4cfd333b060a7eda5a4cc370b8e335916fb6fbffb79dcb

  • SHA512

    bdf35f3d618c5d47cc0498d7cd14f93280bf798b6894e855ecd774ac6da3f1f1e7e93b3a552779184560c092e2dfd821825a68202135a30ce6165bfea8b34173

  • SSDEEP

    49152:BX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe/5c:BlRsZ47/QXoHUOfAoj1ym

Score
10/10
meshagentsem apps

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

SEM APPS

C2

http://1jmbs6pzu0ogep37tk2b00bocme5md.bzaoyx71glefrkmq2fe8.online:443/agent.ashx

Attributes
  • mesh_id

    0xC95AC65FCFBB6AE408A5B68FC41F3464E439240677BE5E3B4C3443C9BDF12480010BFB465199AC3B1155E340BEAB0E82

  • server_id

    2515114175597DB22971A6C157399BB68AA2D89DE03268F733D8B0AA4A3C0D068C85E649691B5862D37EA6755579DA48

  • wss

    wss://1jmbs6pzu0ogep37tk2b00bocme5md.bzaoyx71glefrkmq2fe8.online:443/agent.ashx

Targets

    • Target

      2025-02-25_83240479f5e23c6330e43496bb7b6b1c_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      83240479f5e23c6330e43496bb7b6b1c

    • SHA1

      92a28ae37648a8da8be3b3fe8fa8479b07a9d4bd

    • SHA256

      caafc0e421aff786ea4cfd333b060a7eda5a4cc370b8e335916fb6fbffb79dcb

    • SHA512

      bdf35f3d618c5d47cc0498d7cd14f93280bf798b6894e855ecd774ac6da3f1f1e7e93b3a552779184560c092e2dfd821825a68202135a30ce6165bfea8b34173

    • SSDEEP

      49152:BX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe/5c:BlRsZ47/QXoHUOfAoj1ym

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks