meshagent | 43e7ff4d77ba5bf7ff531f80255612c8bdd23db4961958c4dc81a7bcba975e18 | Triage

Sharing

General

Target

workflow.exe
Size

3.3MB
Sample

250226-s93pzsvmy7
MD5

d95496960af0d02026e309aa2269df56
SHA1

9d2626468c0c36eb227eda57a09ca1cb38aa7240
SHA256

43e7ff4d77ba5bf7ff531f80255612c8bdd23db4961958c4dc81a7bcba975e18
SHA512

7edfa6c5ff17134cb8bd02814728ca2c21efb2af333703b1e8f9711b54ce415566122ade77a2848be574da8fa57a6e5c26b234cce37455665f537f84cc5e178f
SSDEEP

49152:Xf708gNcR9l5NyQB7q1AlgraPgDLDVXI2RXgGfX2kMFvfAw6dZ7Nueuxg5Av:X+49lnyeG3D56gXm6Hqv

Score

10^/10

meshagent cpa

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

cpa

C2

http://connect.elanawalkercakes.info:443/agent.ashx

Attributes

mesh_id
0x6A468D0F9A1C19CC4BE5E11513F4EC80BDB5CDD518D7912C2EE39FFC34563DD80C0CB072B128E295F606FCDA70757F54
server_id
A459917959832AB529BFA3C93DA907CCD1089E6718C5F352B323408309CF9B09C86FF5A21AF509D395F859C8F4EAC859
wss
wss://connect.elanawalkercakes.info:443/agent.ashx

Targets

- Target
  
  workflow.exe
- Size
  
  3.3MB
- MD5
  
  d95496960af0d02026e309aa2269df56
- SHA1
  
  9d2626468c0c36eb227eda57a09ca1cb38aa7240
- SHA256
  
  43e7ff4d77ba5bf7ff531f80255612c8bdd23db4961958c4dc81a7bcba975e18
- SHA512
  
  7edfa6c5ff17134cb8bd02814728ca2c21efb2af333703b1e8f9711b54ce415566122ade77a2848be574da8fa57a6e5c26b234cce37455665f537f84cc5e178f
- SSDEEP
  
  49152:Xf708gNcR9l5NyQB7q1AlgraPgDLDVXI2RXgGfX2kMFvfAw6dZ7Nueuxg5Av:X+49lnyeG3D56gXm6Hqv
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2