Overview

overview

10

Static

static

10

2025-02-28...er.exe

windows7-x64

1

2025-02-28...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-02-28_9593443448a6d565d479aa942546d67e_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250228-p11mgszq13

  • MD5

    9593443448a6d565d479aa942546d67e

  • SHA1

    039e723792fe6706238a337b15ec2ea46d381eb7

  • SHA256

    e86f00cba3455aa4c55a0aa8857f86ab68d3974b38916784cda3a411b6609171

  • SHA512

    b74f3eba40025280722c99de8cb10cfd6f199a0235ac693b3f6e16d48d9b6e1ec829c7254489eab1d41b8de746744449d0ebe3afbf50a46d9ad3454b7c96f54d

  • SSDEEP

    49152:5X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQeG5O:5lRsZ47/QXoHUOfAoj1Do

Score
10/10
meshagentagents

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

agents

C2

http://lamrm.tech:443/agent.ashx

Attributes
  • mesh_id

    0xA26D210F8E538B637CBDC4931A61E8786F7ECD5EC7EC292DD1B1B7BC854B45C32855A2A079EF3CE525D065A146BD28C7

  • server_id

    A83876FD296E5B81E984299217DAE1D69E0B9B21ACC4271BBBA36DEDE2D81DE5D17EC6AB70450592DF4E80C1BB4F0A27

  • wss

    wss://lamrm.tech:443/agent.ashx

Targets

    • Target

      2025-02-28_9593443448a6d565d479aa942546d67e_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      9593443448a6d565d479aa942546d67e

    • SHA1

      039e723792fe6706238a337b15ec2ea46d381eb7

    • SHA256

      e86f00cba3455aa4c55a0aa8857f86ab68d3974b38916784cda3a411b6609171

    • SHA512

      b74f3eba40025280722c99de8cb10cfd6f199a0235ac693b3f6e16d48d9b6e1ec829c7254489eab1d41b8de746744449d0ebe3afbf50a46d9ad3454b7c96f54d

    • SSDEEP

      49152:5X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQeG5O:5lRsZ47/QXoHUOfAoj1Do

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks