General

  • Target

    2025-03-08_8e3268d5f78734d0688e156285c0c6e1_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250308-ezh1ya1yfs

  • MD5

    8e3268d5f78734d0688e156285c0c6e1

  • SHA1

    4d02da1663b693b6361cd49af548b8ccecc2ac06

  • SHA256

    3c7fa7133e140485b817dcea394d4fc4a493f2e4c0a4b1ab3f1f36828d763af1

  • SHA512

    f1a63c63f84df1d4c77fd81033c2a04a8774d618471e77d0c7ca8ff5296f4972ef40f6367071f913e52078c90be1c1d1ad92b663bd8794be60136806cddab9c5

  • SSDEEP

    49152:zX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QA:zlRsZ47/QXoHUOfAoj1x6A

Score
10/10

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

anydesknew

C2

http://benitolocker.pro:443/agent.ashx

Attributes
  • mesh_id

    0xC8164395F2596729F633EDD152995C48E8CAFC03DCA14D74A508FBB9CD7C5E3B48F84A39251A1DE611BD3405A9AE5154

  • server_id

    1D4D11E707A7D5FA47BFB4705F74843B96142CDB21117F5A3F5234811772E225E16EBCE327C6F43112BF2E84F9D71D7D

  • wss

    wss://benitolocker.pro:443/agent.ashx

Targets

    • Target

      2025-03-08_8e3268d5f78734d0688e156285c0c6e1_ismagent_ryuk_sliver

    Score
    1/10
