General

  • Target

    2025-03-12_2f717cddbc9a02ee86ed6bac8a7046bb_coinminer_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250312-w2mwcayyat

  • MD5

    2f717cddbc9a02ee86ed6bac8a7046bb

  • SHA1

    0f64096bbf04ca1141c619eb261f8c24b8f63532

  • SHA256

    e0abc438ac9eb32ab1a73445caa1e38842675cce1de4768a7d7fe6466bfb92e3

  • SHA512

    140ec68341d2c66b64547715bd3721b9f8a4b5ec7f1399e2e12d4a7d5af6ce6c164bbb8de58a15c206d3a8b2c5969bc9d424f6278976a41888475f78a347b1f1

  • SSDEEP

    49152:0X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QS:0lRsZ47/QXoHUOfAoj1x6S

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Elabora Soc. Coop.

C2

http://mesh.4lab.it:443/agent.ashx

Attributes
  • mesh_id

    0x5BBBFF666B70A15A93659038AD63A6A90DDC4B9A7B049F25DBF07149D5235BE3779B413F4DDC8C8EA782C9AA0FBEDF00

  • server_id

    E64F1541F5F10FA4325368D3C89B6DB7C392F42CAF39EB3A8C220D4BA32B69495A652C83842870A7145929331B62139A

  • wss

    wss://mesh.4lab.it:443/agent.ashx

Targets

    • Target

      2025-03-12_2f717cddbc9a02ee86ed6bac8a7046bb_coinminer_ismagent_ryuk_sliver

    Score
    1/10
