Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

MeshAgent.exe

windows7-x64

1

MeshAgent.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    MeshAgent.exe

  • Size

    3.3MB

  • Sample

    250320-t8np4szjv8

  • MD5

    5c716fd89b27969847a91d7048ac9d31

  • SHA1

    081586960b6b6093fa0473413b4c8584e081e0b9

  • SHA256

    36a98d2a6aa142cc7ce539ad022bd0022ef096933abf39a38270603f13ccf01c

  • SHA512

    76bcb99cddb92c1fd8966f3499eb514e3e3e34f4771791cc4497a3eebcac5ef4b6786084f272ad6a717e5f4bc53a9159985d2dec752dda8c147b63926edbe72d

  • SSDEEP

    49152:ldZEy2B6vflQf6X8uZQoy3vR6QVQy5Z+bm4M/HMFvfGW0/7Z7Ib3jxw5bg:XHvfGfZvZj1/N/z/owJg

Score
10/10
meshagenttest

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

test

C2

http://81.199.130.130:443/agent.ashx

Attributes
  • mesh_id

    0x47DDDC52FC2F31C47AD1DB7EB4B7C5D38C64AAD2FC943360B44270FE0EA5E8B1A96E47D75411E0868F92FE77C2BFBAD0

  • server_id

    C3CEF30878AE341001284FF387E3BB7A7922403931F7265230ABB853B779EF5C3E73D0B368F566EC7B73BFB88E64D995

  • wss

    wss://81.199.130.130:443/agent.ashx

Targets

    • Target

      MeshAgent.exe

    • Size

      3.3MB

    • MD5

      5c716fd89b27969847a91d7048ac9d31

    • SHA1

      081586960b6b6093fa0473413b4c8584e081e0b9

    • SHA256

      36a98d2a6aa142cc7ce539ad022bd0022ef096933abf39a38270603f13ccf01c

    • SHA512

      76bcb99cddb92c1fd8966f3499eb514e3e3e34f4771791cc4497a3eebcac5ef4b6786084f272ad6a717e5f4bc53a9159985d2dec752dda8c147b63926edbe72d

    • SSDEEP

      49152:ldZEy2B6vflQf6X8uZQoy3vR6QVQy5Z+bm4M/HMFvfGW0/7Z7Ib3jxw5bg:XHvfGfZvZj1/N/z/owJg

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks