Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

2025-03-26...er.exe

windows7-x64

1

2025-03-26...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-03-26_0a7f7304281d3369f87fb50b69535036_coinminer_ismagent_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250326-lvr7da1wdx

  • MD5

    0a7f7304281d3369f87fb50b69535036

  • SHA1

    214a26ebe7079c6b1819d03dce43e2ed458d1b3a

  • SHA256

    dca3da76cd50296e3ca861ac3def78d82a1cdd00cfeb7b89c99c27870dde3501

  • SHA512

    65c95731ed74e7f22ef1571920ea967e953ac2310d2e3d145d434f3ff107fcdd942363638ba04a3d08c21015c6d0f33f8ada4f45c4c197f6a9876754b5926d30

  • SSDEEP

    49152:YX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe05R:YlRsZ47/QXoHUOfAoj1lj

Score
10/10
meshagentmesh

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

mesh

C2

http://45.119.211.136:8086/agent.ashx

Attributes
  • mesh_id

    0x44948CC40BB4D135869FD5D3C99C2F45CD55D38F82AB9949CE7F32574B5A00B0527FDE310510FB8F84678DECED0CC22E

  • server_id

    CEBBD893631AF0FAD325F51EA390435120FA89B0F5FF905A204D6EB5487AED0A5A377CC081056D4F1A6FC6D7531BB63C

  • wss

    wss://45.119.211.136:8086/agent.ashx

Targets

    • Target

      2025-03-26_0a7f7304281d3369f87fb50b69535036_coinminer_ismagent_ryuk_sliver

    • Size

      3.3MB

    • MD5

      0a7f7304281d3369f87fb50b69535036

    • SHA1

      214a26ebe7079c6b1819d03dce43e2ed458d1b3a

    • SHA256

      dca3da76cd50296e3ca861ac3def78d82a1cdd00cfeb7b89c99c27870dde3501

    • SHA512

      65c95731ed74e7f22ef1571920ea967e953ac2310d2e3d145d434f3ff107fcdd942363638ba04a3d08c21015c6d0f33f8ada4f45c4c197f6a9876754b5926d30

    • SSDEEP

      49152:YX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe05R:YlRsZ47/QXoHUOfAoj1lj

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks