Overview

overview

10

Static

static

10

2025-04-09...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-04-09_6c94904cf3a247cf2d257b5a34580c04_black-basta_coinminer_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250409-q59xdssly3

  • MD5

    6c94904cf3a247cf2d257b5a34580c04

  • SHA1

    97a464c9b5627caef4acd45d35e211acd1cf2578

  • SHA256

    083936f856ed5e58e3842b107e44781ef0aacf2c1677efd9a1e9184a9359be00

  • SHA512

    5f222831274e707decc5bae3164d987c9dc174a3345be38319aa5f75f338733717fe990c67b3bdac7cdc5f1c0f05bf1dc62af65290af5cb6153337164b980c7f

  • SSDEEP

    49152:+X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Q8:+lRsZ47/QXoHUOfAoj1x68

Score
10/10
meshagenttacticalrmm

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

TacticalRMM

C2

http://mesh.central.vnet.com.ar:443/agent.ashx

Attributes
  • mesh_id

    0x27E81E9A0999F84133FDA21F4D92FB66C16A4ED44ADDE7AD6C4BBAA1616133BDF26DED367179B7DA256C830E7174D6EA

  • server_id

    4B13DE498F49F4CAD14BBC6B27276ADB391678EFE629F20721B111B1BBE73E51AC28C7EEC3BDBA10602510EC7225104D

  • wss

    wss://mesh.central.vnet.com.ar:443/agent.ashx

Targets

    • Target

      2025-04-09_6c94904cf3a247cf2d257b5a34580c04_black-basta_coinminer_ryuk_sliver

    • Size

      3.3MB

    • MD5

      6c94904cf3a247cf2d257b5a34580c04

    • SHA1

      97a464c9b5627caef4acd45d35e211acd1cf2578

    • SHA256

      083936f856ed5e58e3842b107e44781ef0aacf2c1677efd9a1e9184a9359be00

    • SHA512

      5f222831274e707decc5bae3164d987c9dc174a3345be38319aa5f75f338733717fe990c67b3bdac7cdc5f1c0f05bf1dc62af65290af5cb6153337164b980c7f

    • SSDEEP

      49152:+X3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85Q8:+lRsZ47/QXoHUOfAoj1x68

    Score
    1/10
    behavioral1

MITRE ATT&CK Matrix

Tasks