Overview

overview

10

Static

static

10

2025-02-28...er.exe

windows7-x64

1

2025-02-28...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-02-28_36b93a5d6b02150759da68a75b83e7f0_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250228-c46xfsyq19

  • MD5

    36b93a5d6b02150759da68a75b83e7f0

  • SHA1

    e3fc303abe65b390bb5edf8f462a156ac599d918

  • SHA256

    d813d468e0d1e7e175a8bbd0573a0c14b7841dda1c700b2118983af830d897fd

  • SHA512

    bf56bba6b1c52f285cc337eb333f61e5fda0a39d6506d9d2ea885ae0806e10129b4bbccfb5643db7fbe5d53d2a90a3ef648442e360769d056280d149fd198571

  • SSDEEP

    49152:fX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQef57L:flRsZ47/QXoHUOfAoj1i5

Score
10/10
meshagenttest

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Test

C2

http://ec2-54-226-30-170.compute-1.amazonaws.com:443/agent.ashx

Attributes
  • mesh_id

    0xD572B0111B52B90A7A71ED694615AA8D6CAF0E6769542BF0CF8D10C323946F92FC06C2CB40DF31DCD31D9865E5A374F8

  • server_id

    E50834DFD947277594910E9BF3238D26C898FA739E73A55729C72C31D293804328513D42B75C001C9408BA6E989C37E8

  • wss

    wss://ec2-54-226-30-170.compute-1.amazonaws.com:443/agent.ashx

Targets

    • Target

      2025-02-28_36b93a5d6b02150759da68a75b83e7f0_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      36b93a5d6b02150759da68a75b83e7f0

    • SHA1

      e3fc303abe65b390bb5edf8f462a156ac599d918

    • SHA256

      d813d468e0d1e7e175a8bbd0573a0c14b7841dda1c700b2118983af830d897fd

    • SHA512

      bf56bba6b1c52f285cc337eb333f61e5fda0a39d6506d9d2ea885ae0806e10129b4bbccfb5643db7fbe5d53d2a90a3ef648442e360769d056280d149fd198571

    • SSDEEP

      49152:fX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQef57L:flRsZ47/QXoHUOfAoj1i5

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks