Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

meshagent64-test8.exe

windows7-x64

1

meshagent64-test8.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    meshagent64-test8.exe

  • Size

    3.3MB

  • Sample

    250320-kaha1asjs6

  • MD5

    0375b9bc8048fff72a08872c0992ca2c

  • SHA1

    0b8bf91a63cb2a814c14ff87f86957b7993c1ea8

  • SHA256

    9902d605b851b3bb44d6d0fa6f1b9d46839a2e05836a661f7747d4ca27a6e000

  • SHA512

    84f1443088d74f0983179fb6602644fd75ca8e62dbf29727b07a8d85d4ddbf939a43cd059728273d870237fc954c445686b66d47ff1c7f512aecb979c098b9a1

  • SSDEEP

    49152:VdZEy2B6vflQf6X8uZQoy3vR6QVQy5Z+bm4M/HMFvfGW0/7Z7Ib3jxw5b+:nHvfGfZvZj1/N/z/owJ+

Score
10/10
meshagenttest

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

test

C2

http://81.199.130.130:443/agent.ashx

Attributes
  • mesh_id

    0x47DDDC52FC2F31C47AD1DB7EB4B7C5D38C64AAD2FC943360B44270FE0EA5E8B1A96E47D75411E0868F92FE77C2BFBAD0

  • server_id

    C3CEF30878AE341001284FF387E3BB7A7922403931F7265230ABB853B779EF5C3E73D0B368F566EC7B73BFB88E64D995

  • wss

    wss://81.199.130.130:443/agent.ashx

Targets

    • Target

      meshagent64-test8.exe

    • Size

      3.3MB

    • MD5

      0375b9bc8048fff72a08872c0992ca2c

    • SHA1

      0b8bf91a63cb2a814c14ff87f86957b7993c1ea8

    • SHA256

      9902d605b851b3bb44d6d0fa6f1b9d46839a2e05836a661f7747d4ca27a6e000

    • SHA512

      84f1443088d74f0983179fb6602644fd75ca8e62dbf29727b07a8d85d4ddbf939a43cd059728273d870237fc954c445686b66d47ff1c7f512aecb979c098b9a1

    • SSDEEP

      49152:VdZEy2B6vflQf6X8uZQoy3vR6QVQy5Z+bm4M/HMFvfGW0/7Z7Ib3jxw5b+:nHvfGfZvZj1/N/z/owJ+

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks