Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

2025-03-20...er.exe

windows7-x64

1

2025-03-20...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-03-20_c088e418868aff006bd4b6482d9e8390_coinminer_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250320-3aj4pszycx

  • MD5

    c088e418868aff006bd4b6482d9e8390

  • SHA1

    52f8e13c4de11f3d8b8745226d101ca442d6c0e7

  • SHA256

    b03987a19b06570e3e22054c4e67bbf13a728a96e312dd6dd8b2701f0b5a5202

  • SHA512

    4b6fe0f6e0f13c3f8839822cf58ddc8a419be643d2a1404e3c6b176b6c8e5c27b19f47c551bf02294eb2c1b8c0c8cf4ba7fdf824361fe1ca41cba80edf5d7f72

  • SSDEEP

    49152:TX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qt:TlRsZ47/QXoHUOfAoj1x6t

Score
10/10
meshagentradziv

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

RADZIV

C2

http://techsupport.myftp.org:443/agent.ashx

Attributes
  • mesh_id

    0x57C02855C33955E10E6CB8DF2C4970DF84B3D140E910323D9981BC6A44824604B4F6EAE8ED30A6C6FA2F3BA88F56F060

  • server_id

    A5D0014DC4EDF37515379D28C8FA94CF07B7E21E122A1EC1CF8EC599571CA6527C3C23F8EDB99AD0C14EBB3BE704B0ED

  • wss

    wss://techsupport.myftp.org:443/agent.ashx

Targets

    • Target

      2025-03-20_c088e418868aff006bd4b6482d9e8390_coinminer_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      c088e418868aff006bd4b6482d9e8390

    • SHA1

      52f8e13c4de11f3d8b8745226d101ca442d6c0e7

    • SHA256

      b03987a19b06570e3e22054c4e67bbf13a728a96e312dd6dd8b2701f0b5a5202

    • SHA512

      4b6fe0f6e0f13c3f8839822cf58ddc8a419be643d2a1404e3c6b176b6c8e5c27b19f47c551bf02294eb2c1b8c0c8cf4ba7fdf824361fe1ca41cba80edf5d7f72

    • SSDEEP

      49152:TX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qt:TlRsZ47/QXoHUOfAoj1x6t

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks