Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

2025-03-22...er.exe

windows7-x64

1

2025-03-22...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-03-22_aa25da3afe423dff37cfa022c1e9fe13_coinminer_ismagent_ryuk_sliver

  • Size

    3.4MB

  • Sample

    250322-z5xrhazzbv

  • MD5

    aa25da3afe423dff37cfa022c1e9fe13

  • SHA1

    6d5847d12fb3f4850628567ea161f8a5d8ee946a

  • SHA256

    9899605ec7fa388416d1366aadeea42aaf1ce9f5b6e6f11562e3f44139d4f9fc

  • SHA512

    bd65a9a8b5743e89ec27c2fdbe649457ddc30a148136a7c8564cbd54ffa800a70f3da8bbeaf53403ce2d87f8d436215fdc4eac15859d378d6835226392506738

  • SSDEEP

    49152:SdZEy2B6vflQf6X8uZQoy3vR6QVQy5Z+bm4M/HMFvfGW0/wZ7IbOjx85T:qHvfGfZvZj1/N/z/A8h

Score
10/10
meshagentdavid

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

david

C2

http://remoteshare.in:444/agent.ashx

Attributes
  • mesh_id

    0x4BDACC9969A2E9A83064630FA1B8EF3443BAE371106B0E702E58527663EF075B1E1F693B801C7545401EB6221DBC909E

  • server_id

    C6DE5260F3DF733E712F21316EE6EE643ABC568C44EC1AE991C57525DD26FAF883ED8D9A208F6CD34C3CC1CF7943ECD7

  • wss

    wss://remoteshare.in:444/agent.ashx

Targets

    • Target

      2025-03-22_aa25da3afe423dff37cfa022c1e9fe13_coinminer_ismagent_ryuk_sliver

    • Size

      3.4MB

    • MD5

      aa25da3afe423dff37cfa022c1e9fe13

    • SHA1

      6d5847d12fb3f4850628567ea161f8a5d8ee946a

    • SHA256

      9899605ec7fa388416d1366aadeea42aaf1ce9f5b6e6f11562e3f44139d4f9fc

    • SHA512

      bd65a9a8b5743e89ec27c2fdbe649457ddc30a148136a7c8564cbd54ffa800a70f3da8bbeaf53403ce2d87f8d436215fdc4eac15859d378d6835226392506738

    • SSDEEP

      49152:SdZEy2B6vflQf6X8uZQoy3vR6QVQy5Z+bm4M/HMFvfGW0/wZ7IbOjx85T:qHvfGfZvZj1/N/z/A8h

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks