Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

2025-03-20...er.exe

windows7-x64

1

2025-03-20...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-03-20_18900946e655949fdc301215783e19ab_coinminer_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250320-h8ddla1kw8

  • MD5

    18900946e655949fdc301215783e19ab

  • SHA1

    a828aec066e83846475960fb0f63c68ce37ab0bd

  • SHA256

    9e534bb19e5a7c900ea4ce1924d29dd29a61b249c60e3d843b4ae20d840bd16e

  • SHA512

    38289e7c23cd130840884cb9d8f11e6adddac1bb0b80df3b0b1537cf98747bec3525c1e36053f8d92386d23414e113c3401fecec1e6daede736a584a8ffe11a7

  • SSDEEP

    49152:LX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qx:LlRsZ47/QXoHUOfAoj1x6x

Score
10/10
meshagentusa

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

USA

C2

http://benitolocker.pro:443/agent.ashx

Attributes
  • mesh_id

    0x3A47D134BF4F330DE8C27FD61FF283C5309A164139A67D5EE6EBC1D8F320D367EFA267687095FEE5D06CED6CDF2CC5BF

  • server_id

    1D4D11E707A7D5FA47BFB4705F74843B96142CDB21117F5A3F5234811772E225E16EBCE327C6F43112BF2E84F9D71D7D

  • wss

    wss://benitolocker.pro:443/agent.ashx

Targets

    • Target

      2025-03-20_18900946e655949fdc301215783e19ab_coinminer_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      18900946e655949fdc301215783e19ab

    • SHA1

      a828aec066e83846475960fb0f63c68ce37ab0bd

    • SHA256

      9e534bb19e5a7c900ea4ce1924d29dd29a61b249c60e3d843b4ae20d840bd16e

    • SHA512

      38289e7c23cd130840884cb9d8f11e6adddac1bb0b80df3b0b1537cf98747bec3525c1e36053f8d92386d23414e113c3401fecec1e6daede736a584a8ffe11a7

    • SSDEEP

      49152:LX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qx:LlRsZ47/QXoHUOfAoj1x6x

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks