Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

2025-03-20...er.exe

windows7-x64

1

2025-03-20...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-03-20_742513d40873cdadeb4274680944d95a_coinminer_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250320-nrvt7s11bt

  • MD5

    742513d40873cdadeb4274680944d95a

  • SHA1

    75e243d79a4e790d1006e22a8eaf96af8d2425f6

  • SHA256

    e0420c766612ec12dbb57b6ce1b1d42b6eaa501343d2e1ef17830203834e2772

  • SHA512

    c24eefe90e6301f2a8befb3e8e17da6b3d94030b5a62d20acc59d7ed12f40908fae3da267b089066c6dfd9c7b1ab835b83962fcaef161d6072beec46209e5108

  • SSDEEP

    49152:hX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQeq5Ph:hlRsZ47/QXoHUOfAoj1Dxh

Score
10/10
meshagentzm-internal

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

ZM-Internal

C2

http://remote.zeckermcdecker.com:443/agent.ashx

Attributes
  • mesh_id

    0xD3518144AD0F98D7BDDF39DD7A0980883107265B2DB579262FCAF31ED337EA23A0532F4DC4D5482A955948EC1E5AD5C4

  • server_id

    CC384CC0EF8F823CC8A30810B135654F4E595D575A2A201A750BBE05B15D4DDC0642128BE9333D116F9159E241F592EA

  • wss

    wss://remote.zeckermcdecker.com:443/agent.ashx

Targets

    • Target

      2025-03-20_742513d40873cdadeb4274680944d95a_coinminer_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      742513d40873cdadeb4274680944d95a

    • SHA1

      75e243d79a4e790d1006e22a8eaf96af8d2425f6

    • SHA256

      e0420c766612ec12dbb57b6ce1b1d42b6eaa501343d2e1ef17830203834e2772

    • SHA512

      c24eefe90e6301f2a8befb3e8e17da6b3d94030b5a62d20acc59d7ed12f40908fae3da267b089066c6dfd9c7b1ab835b83962fcaef161d6072beec46209e5108

    • SSDEEP

      49152:hX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQeq5Ph:hlRsZ47/QXoHUOfAoj1Dxh

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks