meshagent | 0112e57088f1330213c5feb031f159cd2a2e2196d5a1e344a45986af6ad046be | Triage

Sharing

General

Target

2025-03-10_92ec60f683f5c62f1a3e8b6bbe892056_ismagent_ryuk_sliver
Size

3.2MB
Sample

250310-e7c5nasr12
MD5

92ec60f683f5c62f1a3e8b6bbe892056
SHA1

bbb1792d7c5dfb9e3a32b3180d93bdf683c3afff
SHA256

0112e57088f1330213c5feb031f159cd2a2e2196d5a1e344a45986af6ad046be
SHA512

39be75208720bac0eff708bcdca4ff0356fc3a78514d5aae9a88e1c1e75e4e8055f407fe25472d9a7fdccb03f8a373b221138363bb22a31d13ea0e15e8cb955a
SSDEEP

49152:Y0yAXvucS6SnbZVlxyZH0XAaCx5OX9ZO/xtEfOfzMFvfDTtKjkVE+ubDw8litYOV:rvg6ClrBCjec+OfAK7DuYOQw

Score

10^/10

meshagent servers windows

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Servers Windows

C2

http://meshcentral.centenary.org.au:443/agent.ashx

Attributes

mesh_id
0xEED3247E2A31A3FE358683F5365312A919E469BEBDC0DB9C64196884DED59E572A2E746D1CCBF5AF44007B1517048443
server_id
E91D3658FB9927BF83E74B528C4ACBD97437796A4465F1ADEDD0FFEDA13D1C1AE7F7AA0952A4D4B969A5672DABFE70A2
wss
wss://meshcentral.centenary.org.au:443/agent.ashx

Targets

- Target
  
  2025-03-10_92ec60f683f5c62f1a3e8b6bbe892056_ismagent_ryuk_sliver
- Size
  
  3.2MB
- MD5
  
  92ec60f683f5c62f1a3e8b6bbe892056
- SHA1
  
  bbb1792d7c5dfb9e3a32b3180d93bdf683c3afff
- SHA256
  
  0112e57088f1330213c5feb031f159cd2a2e2196d5a1e344a45986af6ad046be
- SHA512
  
  39be75208720bac0eff708bcdca4ff0356fc3a78514d5aae9a88e1c1e75e4e8055f407fe25472d9a7fdccb03f8a373b221138363bb22a31d13ea0e15e8cb955a
- SSDEEP
  
  49152:Y0yAXvucS6SnbZVlxyZH0XAaCx5OX9ZO/xtEfOfzMFvfDTtKjkVE+ubDw8litYOV:rvg6ClrBCjec+OfAK7DuYOQw
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

servers windowsmeshagent

behavioral1

behavioral2