meshagent | 55f220670a4cae550efe74876689c5db570a44ebc65d0f3ef74cda837bd7550d | Triage

Sharing

General

Target

2025-02-28_5dac5897867b76add7b1ad60f6836c5c_ismagent_ryuk_sliver
Size

3.3MB
Sample

250228-c7tfjaxzaw
MD5

5dac5897867b76add7b1ad60f6836c5c
SHA1

e13a6b8b29902995d5b308537cebc4d5dd7b23fc
SHA256

55f220670a4cae550efe74876689c5db570a44ebc65d0f3ef74cda837bd7550d
SHA512

bba06c7bb612f0d293fcf1e1d573bedd5e9fa68eaeb412fdd89129d29e768c8d60144ce39346664389c40f4eaabe010332b53fd9948d4322fdd4e18d285c87dc
SSDEEP

49152:sX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Q0:slRsZ47/QXoHUOfAoj1x60

Score

10^/10

meshagent veshnyaki

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

VESHNYAKI

C2

http://itdobro.ru:443/agent.ashx

Attributes

mesh_id
0x32A518E81177AB982F470DE5A26F37D6D122400060A666E9B6A8B938213A8452035BDA6C7E35B58D3A396315DCB7E795
server_id
8CC5402A3C2D656BCC83CDAC2B596CE81090D89D897037D431B82713D96460BAC36065CD65DBFF1E714E257655E27274
wss
wss://itdobro.ru:443/agent.ashx

Targets

- Target
  
  2025-02-28_5dac5897867b76add7b1ad60f6836c5c_ismagent_ryuk_sliver
- Size
  
  3.3MB
- MD5
  
  5dac5897867b76add7b1ad60f6836c5c
- SHA1
  
  e13a6b8b29902995d5b308537cebc4d5dd7b23fc
- SHA256
  
  55f220670a4cae550efe74876689c5db570a44ebc65d0f3ef74cda837bd7550d
- SHA512
  
  bba06c7bb612f0d293fcf1e1d573bedd5e9fa68eaeb412fdd89129d29e768c8d60144ce39346664389c40f4eaabe010332b53fd9948d4322fdd4e18d285c87dc
- SSDEEP
  
  49152:sX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Q0:slRsZ47/QXoHUOfAoj1x60
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

veshnyakimeshagent

behavioral1

behavioral2