Overview

overview

10

Static

static

10

2025-03-03...er.exe

windows7-x64

1

2025-03-03...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-03-03_e4a3aa0f5eecfb5927872bb534828d41_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250303-1g9a3azps8

  • MD5

    e4a3aa0f5eecfb5927872bb534828d41

  • SHA1

    069deb2f6c36387d687408605b7b475900810621

  • SHA256

    86f04286d3aeb7ebc235abc22680cd4ec08b4f6745892f19494635fec14bd6af

  • SHA512

    debb7ddbab400f38eb79f4e9bf449945fbba16dc9ae90df2e56559fbcbdf7eac99ecf27724a325071189cd5878b1ac282b8b692d63ebf0d9a5f4631142327138

  • SSDEEP

    49152:KX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QU:KlRsZ47/QXoHUOfAoj1x6U

Score
10/10
meshagentbcg

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

BCG

C2

http://support.magicbrain.com:443/agent.ashx

Attributes
  • mesh_id

    0x87BAAE820D35B3A6BCCB2DB41DB3E0A2BA10233F2AD782EB4925529F8D7632389DC1E1859ABB3B7DF4C8002814AF0126

  • server_id

    419F42046586FEACF715A875264C4013DEA28ED93192CFACFD3C97284077A64C8D6225731704A77C45B6ACCF1ADFE54A

  • wss

    wss://support.magicbrain.com:443/agent.ashx

Targets

    • Target

      2025-03-03_e4a3aa0f5eecfb5927872bb534828d41_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      e4a3aa0f5eecfb5927872bb534828d41

    • SHA1

      069deb2f6c36387d687408605b7b475900810621

    • SHA256

      86f04286d3aeb7ebc235abc22680cd4ec08b4f6745892f19494635fec14bd6af

    • SHA512

      debb7ddbab400f38eb79f4e9bf449945fbba16dc9ae90df2e56559fbcbdf7eac99ecf27724a325071189cd5878b1ac282b8b692d63ebf0d9a5f4631142327138

    • SSDEEP

      49152:KX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QU:KlRsZ47/QXoHUOfAoj1x6U

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks