meshagent | 862b114e61d4d778f1e3960b410606013fcb09f312666499cc00a913b0ac948d | Triage

Sharing

General

Target

2025-03-06_a80cc51700dc805c5f42c9c7c4359684_ismagent_ryuk_sliver
Size

3.3MB
Sample

250306-l571ksv1cs
MD5

a80cc51700dc805c5f42c9c7c4359684
SHA1

878833deb48905d0f1116b44e2a62c9853a1218c
SHA256

862b114e61d4d778f1e3960b410606013fcb09f312666499cc00a913b0ac948d
SHA512

414e0d1dff203376a9e98e5de8e29c8bfcfa5109f0a2a5cfa853b192f971252f6af4518c89631a9d70bcb9793f8af4ed36905d8746fc742d55afa87747c96ebf
SSDEEP

49152:vX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Q+:vlRsZ47/QXoHUOfAoj1x6+

Score

10^/10

meshagent tacticalrmm

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

TacticalRMM

C2

http://mes.dog-bytes.com:443/agent.ashx

Attributes

mesh_id
0x033CBBD3D23C41BD93F69CC5416F73D851E1547A8CA42B1DA6A6568CC2109DF89519AC5AC1BDEE560467444DCE2B30CB
server_id
FE760BCE56E7D35047EB68E8A73FF26C14D1F128D25792C81C946A4384AC2623550E525D5FB59433D605A854024C5A7B
wss
wss://mes.dog-bytes.com:443/agent.ashx

Targets

- Target
  
  2025-03-06_a80cc51700dc805c5f42c9c7c4359684_ismagent_ryuk_sliver
- Size
  
  3.3MB
- MD5
  
  a80cc51700dc805c5f42c9c7c4359684
- SHA1
  
  878833deb48905d0f1116b44e2a62c9853a1218c
- SHA256
  
  862b114e61d4d778f1e3960b410606013fcb09f312666499cc00a913b0ac948d
- SHA512
  
  414e0d1dff203376a9e98e5de8e29c8bfcfa5109f0a2a5cfa853b192f971252f6af4518c89631a9d70bcb9793f8af4ed36905d8746fc742d55afa87747c96ebf
- SSDEEP
  
  49152:vX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Q+:vlRsZ47/QXoHUOfAoj1x6+
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

tacticalrmmmeshagent

behavioral1

behavioral2