Overview

overview

10

Static

static

10

2025-02-26...er.exe

windows7-x64

1

2025-02-26...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-02-26_db3067ba9a581b1cfd0caa09cf3b0a4e_ismagent_ryuk_sliver

  • Size

    3.2MB

  • Sample

    250226-xbmckaywey

  • MD5

    db3067ba9a581b1cfd0caa09cf3b0a4e

  • SHA1

    f6da3b8b9a85e49fae0850f23ef778f9e122b416

  • SHA256

    3c89178e57b6a42804981bab5b8b66168a434b98fb7212574fa193e095411a50

  • SHA512

    9574bbdbbc999d2fa03d0eec83a84d36254ab682673eec61bf2bb634de4e3bd9948868316bb3fa1ac1e461cf9f8f47c6a480a4b07acb599e7461bbbf199d2e15

  • SSDEEP

    49152:x6Fva8Z3jsWlwddWq2qWDtywom4cVmxvAxLz/BViY36MFvf+QRQ0e11UOrdR8529:U7jxNqP/GmIzv3JQjv8Q9

Score
10/10
meshagentddm-avec consentement

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

DDM-avec consentement

C2

http://meshcentral.journauxdumidi.com:8888/agent.ashx

Attributes
  • mesh_id

    0x8AF1E663C7507C14D3D77D1D2601D5778371C673058891DD8A18D26EC0EA38188C166E99F6F89550F3DC64973C90F9B2

  • server_id

    88EEE1065A675483E392BD11F608986E3E8BE6F7C51ED660384281021A9364FB97AEDF8EF6A073923A5CFDD533627E45

  • wss

    wss://meshcentral.journauxdumidi.com:8888/agent.ashx

Targets

    • Target

      2025-02-26_db3067ba9a581b1cfd0caa09cf3b0a4e_ismagent_ryuk_sliver

    • Size

      3.2MB

    • MD5

      db3067ba9a581b1cfd0caa09cf3b0a4e

    • SHA1

      f6da3b8b9a85e49fae0850f23ef778f9e122b416

    • SHA256

      3c89178e57b6a42804981bab5b8b66168a434b98fb7212574fa193e095411a50

    • SHA512

      9574bbdbbc999d2fa03d0eec83a84d36254ab682673eec61bf2bb634de4e3bd9948868316bb3fa1ac1e461cf9f8f47c6a480a4b07acb599e7461bbbf199d2e15

    • SSDEEP

      49152:x6Fva8Z3jsWlwddWq2qWDtywom4cVmxvAxLz/BViY36MFvf+QRQ0e11UOrdR8529:U7jxNqP/GmIzv3JQjv8Q9

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks