Overview

overview

10

Static

static

10

2025-02-28...er.exe

windows7-x64

1

2025-02-28...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-02-28_8d0f59cc7f011d8afd6d7b207235ee37_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250228-w6hgesttfz

  • MD5

    8d0f59cc7f011d8afd6d7b207235ee37

  • SHA1

    e7b4faefdb3803652c27c953bddc1bf6d21c9fd4

  • SHA256

    d07f6db270e27dbdd2b7f860881ce42468a195aa10cba44fe94dad2114d7d74f

  • SHA512

    1c3e67144eb5c49d85d414ccbebdf819a882e2ac55be36b9c139dfd06f346ad985407993afd7e6410268e38c6560b5635e8decc53a030434b70d240c03014d73

  • SSDEEP

    49152:bX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QL:blRsZ47/QXoHUOfAoj1x6L

Score
10/10
meshagentagents

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Agents

Attributes
  • mesh_id

    0xCB8172787782636715E37C058E7D0F33CCF935FF03A1DE077B2131C1FAA190AB4F4C8447DEE20D35B04CC806838691BD

  • server_id

    54748D16BC758755D39CDF3263DDA58557EBB2F0059D5D55D8BA9508CFDA22545DACE1E598B72933F2E322894B8520A2

  • wss

    localhost

Targets

    • Target

      2025-02-28_8d0f59cc7f011d8afd6d7b207235ee37_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      8d0f59cc7f011d8afd6d7b207235ee37

    • SHA1

      e7b4faefdb3803652c27c953bddc1bf6d21c9fd4

    • SHA256

      d07f6db270e27dbdd2b7f860881ce42468a195aa10cba44fe94dad2114d7d74f

    • SHA512

      1c3e67144eb5c49d85d414ccbebdf819a882e2ac55be36b9c139dfd06f346ad985407993afd7e6410268e38c6560b5635e8decc53a030434b70d240c03014d73

    • SSDEEP

      49152:bX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QL:blRsZ47/QXoHUOfAoj1x6L

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks