General
-
Target
64 - SECRETARIA GENERAL DE COORDINACION.exe
-
Size
3.3MB
-
Sample
250401-na4e1szn13
-
MD5
a669ae9078f80b83d3382b521d018e4a
-
SHA1
210f6bf732a1179c06a52ecbddd9a1cb6325036c
-
SHA256
378d12e22db625f9fb030956effc9ffb3a6e7cc7bd9caa0393236046086c38af
-
SHA512
fc903f2e0e72953e279f3ef0a9c401de31baddfc98c929fc39d55db8bb1b301686f1d8d3e45d61d5d85f19cab913120750185b2ae4fb4698444cd903fe895436
-
SSDEEP
49152:TX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Q5:TlRsZ47/QXoHUOfAoj1x65
Behavioral task
behavioral1
Sample
64 - SECRETARIA GENERAL DE COORDINACION.exe
Resource
win11-20250314-en
Malware Config
Extracted
meshagent
2
SECRETARÍA GENERAL DE COORDINACIÓN
http://meshcentral.chuquisaca.gob.bo:443/agent.ashx
-
mesh_id
0x6AD535184516B9207EC7ED45B5BC7928541A366C1FA4E4000FFD6316318EFF68071D674EE2CF3CEBDC45E469F6E32F8E
-
server_id
D3F86B558925BC6530AEEDA91B544840800211D1376D416552A0BBE8770BAF900524E34C8543EB22E0DC9A07F11CF727
-
wss
wss://meshcentral.chuquisaca.gob.bo:443/agent.ashx
Targets
Detects MeshAgent payload
-
Meshagent family
-
Sets service image path in registry
-
Executes dropped EXE
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-