General

  • Target

    2025-04-03_bd6411cba0e6de94d57dd82acb20ff55_black-basta_coinminer_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250403-zqkhmawps9

  • MD5

    bd6411cba0e6de94d57dd82acb20ff55

  • SHA1

    7dc9463d2a7bc42112902c755ddf571013c1df7e

  • SHA256

    175c7fe7b3be4cbb04749435fdb6e976aa0cd68c35137bce1124f44a7b585b3e

  • SHA512

    95dc653296eed723ff31ba71e5b3333a984e5b4d322c069c63bef645c5bf2a8bda4b9b39d32226b5e630bcf6bbdca6eab20aab66cff040505022a5d6bf9d6731

  • SSDEEP

    49152:OX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QC:OlRsZ47/QXoHUOfAoj1x6C

Score
10/10

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

TacticalRMM

C2

http://mesh.corumba.digital:443/agent.ashx

Attributes
  • mesh_id

    0x37DB3BF603B3FBE275334F4E5C601CFF10B53BC9CB88492E7B9CE873743CD26C2962B3FAAC6E8C7FD62B06A137325FA7

  • server_id

    D30B777AAF5D01B3D355927DC1706117A135433CABFF787319761536B02A4ADD10C4398B02F93373BE1143DCAA09A591

  • wss

    wss://mesh.corumba.digital:443/agent.ashx

Targets

    • Target

      2025-04-03_bd6411cba0e6de94d57dd82acb20ff55_black-basta_coinminer_ryuk_sliver

    Score
    1/10
