Overview

overview

10

Static

static

10

2025-03-04...er.exe

windows7-x64

1

2025-03-04...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-03-04_ac838ad7e8e163dece34221b8a88b03e_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250304-azew3avkv3

  • MD5

    ac838ad7e8e163dece34221b8a88b03e

  • SHA1

    5473bb150a166fcb385e5abb97043af4352bacf2

  • SHA256

    71dc45bed5b48c963c122a0a21233c4f8f4d5b61568799505b8b15f2d42619e8

  • SHA512

    7be869a580d37e306c0382bd62d59be4bd03004bae3d78f649beba4de4802597f43a4121457b53b41a6cafe44d869397803798ead5494333838876d095404aa5

  • SSDEEP

    49152:hX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQet5q:hlRsZ47/QXoHUOfAoj140

Score
10/10
meshagentvinbng

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

vinbng

C2

http://remoteshare.in:443/agent.ashx

Attributes
  • mesh_id

    0x9656A59FFEC4E73903719734BABEE712E2B9F15137463C90A697BBF4068B26BA4843C9D614007E4F314C23DD44C144BE

  • server_id

    C548A56198204AA58B1B935B7C94DEC937F526F4D95BA9A934173D49C789C88C656BEC078BE602DD32033D07A44BF5E2

  • wss

    wss://remoteshare.in:443/agent.ashx

Targets

    • Target

      2025-03-04_ac838ad7e8e163dece34221b8a88b03e_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      ac838ad7e8e163dece34221b8a88b03e

    • SHA1

      5473bb150a166fcb385e5abb97043af4352bacf2

    • SHA256

      71dc45bed5b48c963c122a0a21233c4f8f4d5b61568799505b8b15f2d42619e8

    • SHA512

      7be869a580d37e306c0382bd62d59be4bd03004bae3d78f649beba4de4802597f43a4121457b53b41a6cafe44d869397803798ead5494333838876d095404aa5

    • SSDEEP

      49152:hX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQet5q:hlRsZ47/QXoHUOfAoj140

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks