Overview

overview

10

Static

static

10

2025-04-07...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-04-07_c08131aee44ec483cc67668ea115c742_black-basta_coinminer_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250407-smpvlswmz5

  • MD5

    c08131aee44ec483cc67668ea115c742

  • SHA1

    9c8427271baf1077c5d493a0393151bc3048f60e

  • SHA256

    4b6071b9149676ae2b4c9487e2593bc753f262e65bce1069909f9d1638d3f8a7

  • SHA512

    a96a86b970a6a76b41b0bf649638e5dce7bf3f839d8c0df6405971b00835ca75f8ac8694f29f7cdad7d4f4f48254c7f0c4c562857572af9415cd261b90bb06cf

  • SSDEEP

    49152:sX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QD:slRsZ47/QXoHUOfAoj1x6D

Score
10/10
meshagenttacticalrmm

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

TacticalRMM

C2

http://mesh.tasklistsystem.org:443/agent.ashx

Attributes
  • mesh_id

    0x899F2E7568D42D2C52D8030B9DAB0538EE6838FA5A5B48923570A25704BC9CA9D20770139A2F7C20FE5B8AD59751F7CB

  • server_id

    9AE385C0D9DCE38316018D8124E1197171BEFC6ED7AC2E77AD1DF6C4CAE01E3BBFBBB25ABD5AC7FDF9B85AF760F19F47

  • wss

    wss://mesh.tasklistsystem.org:443/agent.ashx

Targets

    • Target

      2025-04-07_c08131aee44ec483cc67668ea115c742_black-basta_coinminer_ryuk_sliver

    • Size

      3.3MB

    • MD5

      c08131aee44ec483cc67668ea115c742

    • SHA1

      9c8427271baf1077c5d493a0393151bc3048f60e

    • SHA256

      4b6071b9149676ae2b4c9487e2593bc753f262e65bce1069909f9d1638d3f8a7

    • SHA512

      a96a86b970a6a76b41b0bf649638e5dce7bf3f839d8c0df6405971b00835ca75f8ac8694f29f7cdad7d4f4f48254c7f0c4c562857572af9415cd261b90bb06cf

    • SSDEEP

      49152:sX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QD:slRsZ47/QXoHUOfAoj1x6D

    Score
    1/10
    behavioral1

MITRE ATT&CK Matrix

Tasks