Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

2025-03-21...er.exe

windows7-x64

1

2025-03-21...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-03-21_9e47f4c2ba12b7346913a7d83afa7494_coinminer_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250321-s55nsa1zhy

  • MD5

    9e47f4c2ba12b7346913a7d83afa7494

  • SHA1

    543927a0c0ca8c95dfa9ef940774424cbba93a46

  • SHA256

    5a63dc88ef9a995b9badfd01e32e075c9b745ca92ac4d4a4540ed45ec8cab331

  • SHA512

    4617b2deeadb31fffd8c4b30fabf5598fefbdc57e477af92085543179a1fe2fb78aecc731f37ad32a59492e6e63d1d7ed1c62d6bc723ac5bc99a905c97a8e9c9

  • SSDEEP

    49152:5X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qq:5lRsZ47/QXoHUOfAoj1x6q

Score
10/10
meshagentdd

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

DD

Attributes
  • mesh_id

    0xF0F013128860AA3CF5B8282D93CC59ECC47AE959CDCBBD94A5E14C9E1EF650D9788DB927DFC7B6E94002F4E5B381FA1B

  • server_id

    D2110B753895FE429996B957D3C758BB75E49A176C89ED450D8170373EB9851DBD1703639272B3DF63F8FAB51E00B0A0

  • wss

    localhost

Targets

    • Target

      2025-03-21_9e47f4c2ba12b7346913a7d83afa7494_coinminer_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      9e47f4c2ba12b7346913a7d83afa7494

    • SHA1

      543927a0c0ca8c95dfa9ef940774424cbba93a46

    • SHA256

      5a63dc88ef9a995b9badfd01e32e075c9b745ca92ac4d4a4540ed45ec8cab331

    • SHA512

      4617b2deeadb31fffd8c4b30fabf5598fefbdc57e477af92085543179a1fe2fb78aecc731f37ad32a59492e6e63d1d7ed1c62d6bc723ac5bc99a905c97a8e9c9

    • SSDEEP

      49152:5X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Qq:5lRsZ47/QXoHUOfAoj1x6q

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks