meshagent | 9431a679392e1f7f1571c7c0f40a0e7cd42f47d5679b350f20f73bd274e6030b | Triage

Sharing

General

Target

2025-03-05_7ac5f09678dd588c2f681ca9a26b2020_ismagent_ryuk_sliver
Size

3.3MB
Sample

250305-1sp2ka1kx7
MD5

7ac5f09678dd588c2f681ca9a26b2020
SHA1

c9ea97b46c21695ff55fb5bf0fa85f8664b8313d
SHA256

9431a679392e1f7f1571c7c0f40a0e7cd42f47d5679b350f20f73bd274e6030b
SHA512

1442d223de4946c17590d7c32cae3f4d350f3b045a08fccdc4f61d9b6dfc61fd1702f71dc50a0bc48f8accb6e285233e6bc77a03d5d03ce6786a3eae78ad5670
SSDEEP

49152:PX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qv:PlRsZ47/QXoHUOfAoj1x6v

Score

10^/10

meshagent admin

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

admin

C2

http://35.183.68.38:443/agent.ashx

Attributes

mesh_id
0xE0068E6643873CBCFAC0DCC1FF83F80DF2883E819E8EF84B888999ED9EACB43BFFB643B67870BCB980C11A8C06BB1B6B
server_id
3593F921B340A5FC43C90AF628E6F3EF55B7087E363F1C3C76E94707A25884CFDD64A2C0D317D10471BCE77B442634E1
wss
wss://35.183.68.38:443/agent.ashx

Targets

- Target
  
  2025-03-05_7ac5f09678dd588c2f681ca9a26b2020_ismagent_ryuk_sliver
- Size
  
  3.3MB
- MD5
  
  7ac5f09678dd588c2f681ca9a26b2020
- SHA1
  
  c9ea97b46c21695ff55fb5bf0fa85f8664b8313d
- SHA256
  
  9431a679392e1f7f1571c7c0f40a0e7cd42f47d5679b350f20f73bd274e6030b
- SHA512
  
  1442d223de4946c17590d7c32cae3f4d350f3b045a08fccdc4f61d9b6dfc61fd1702f71dc50a0bc48f8accb6e285233e6bc77a03d5d03ce6786a3eae78ad5670
- SSDEEP
  
  49152:PX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qv:PlRsZ47/QXoHUOfAoj1x6v
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2