meshagent | 17ffb0cde527607983673481412015e489899edb3e9a94875e8d136cda904a48 | Triage

Sharing

General

Target

2025-03-10_b684550e9df7d4788991bde839f27900_ismagent_ryuk_sliver
Size

3.3MB
Sample

250310-e62rmasrz7
MD5

b684550e9df7d4788991bde839f27900
SHA1

d6bb5446b7af88300a504844d25c45f70c1d1bf2
SHA256

17ffb0cde527607983673481412015e489899edb3e9a94875e8d136cda904a48
SHA512

345176f4857c399db0375325a4872a87d6a074888b3274780813c621627e436563e36c571807d547cfe64501f0286f24e58c7ccf99cdfe7292c8567c392029ff
SSDEEP

49152:1X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qf:1lRsZ47/QXoHUOfAoj1x6f

Score

10^/10

meshagent enrolled

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Enrolled

C2

http://meshcentral.centenary.org.au:443/agent.ashx

Attributes

mesh_id
0x336EE70404B919A8ABBAD214D7BBF7E990B22E1EF4625C75A2DB4D4FBB34D2AEBF7F8BFDB9530F815D3A2133B85FE854
server_id
E91D3658FB9927BF83E74B528C4ACBD97437796A4465F1ADEDD0FFEDA13D1C1AE7F7AA0952A4D4B969A5672DABFE70A2
wss
wss://meshcentral.centenary.org.au:443/agent.ashx

Targets

- Target
  
  2025-03-10_b684550e9df7d4788991bde839f27900_ismagent_ryuk_sliver
- Size
  
  3.3MB
- MD5
  
  b684550e9df7d4788991bde839f27900
- SHA1
  
  d6bb5446b7af88300a504844d25c45f70c1d1bf2
- SHA256
  
  17ffb0cde527607983673481412015e489899edb3e9a94875e8d136cda904a48
- SHA512
  
  345176f4857c399db0375325a4872a87d6a074888b3274780813c621627e436563e36c571807d547cfe64501f0286f24e58c7ccf99cdfe7292c8567c392029ff
- SSDEEP
  
  49152:1X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qf:1lRsZ47/QXoHUOfAoj1x6f
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

enrolledmeshagent

behavioral1

behavioral2