General

  • Target

    2025-03-03_c0e57fe0dcc11f843a0d5a139e0d5fc3_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250303-t2wr5ssxes

  • MD5

    c0e57fe0dcc11f843a0d5a139e0d5fc3

  • SHA1

    5388dfb5697df37c49cfde2237781887b993a20a

  • SHA256

    0f01ed40d5ca3dc2361561aac14a8347d3f3de04d1834db20edd18e3c99781f0

  • SHA512

    dc69572c43d77ce90119198d4437b38bd718d7afd4d5c7c90e9220077a7a9fdc51ead2ca87f4027ccbd8766583f980b9fe6f40ca128b96bce71ff0c98f5272ae

  • SSDEEP

    49152:uX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qc:ulRsZ47/QXoHUOfAoj1x6c

Score
10/10

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Customers

C2

http://meshcentral.andynas.nl:443/agent.ashx

Attributes
  • mesh_id

    0xC6C38C3E833D4EBF1ED2C8650CC13B8D8339D2520DF3363197B32394A6B5D5A5780B54F1CF23C58CDCE1C8E64FEF6C5B

  • server_id

    A82C95078F5F4BDFA65E27E2CDE55757A21B23F59A17BC31734DF875C697E532FBF626903EB87BB947DF69EAF7624A6C

  • wss

    wss://meshcentral.andynas.nl:443/agent.ashx

Targets

    • Target

      2025-03-03_c0e57fe0dcc11f843a0d5a139e0d5fc3_ismagent_ryuk_sliver

    • Size

      3.3MB

    Score
    1/10
