General

  • Target

    2025-06-02_e693f3c14f69c24e8217c0464cf59dd9_amadey_black-basta_cobalt-strike_coinminer_luca-stealer_satacom_sliver

  • Size

    6.0MB

  • Sample

    250602-zllvwswsa1

  • MD5

    e693f3c14f69c24e8217c0464cf59dd9

  • SHA1

    bf745c0358d0be2cf33f9ddcb91554a61b97a79d

  • SHA256

    bbc0951fab819e4df8314bfbeca6059a72ccb25f1c505c58cad7919384eb906e

  • SHA512

    30770e96620bb207b23b48da19c9d0b07d046397b7148972d0557d2da72c583d414381d1fad025b044f5f849df61133e04a983d2a4b6a07951b902cde401cbe0

  • SSDEEP

    98304:730dvaxYdGg8sdTTyhC7ShbZp+dXNWsEDNWs+:73+CcNTmhfZWxEDx+

Score
10/10

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Vue4exam

C2

http://remote.examremote.com:443/agent.ashx

Attributes
  • mesh_id

    0x0F3ECD613895027914E3966633942BEFC309979D4F5197D5707EBE487BFC128081A105E934C70F0FDD6B78A50045F097

  • server_id

    460435B76E2BA7A386C796547EE9B205E12F241B5E68453D37FB6DC55D7215361C5860C69962327ED15D48ACFF0C8280

  • wss

    wss://remote.examremote.com:443/agent.ashx

Targets

    • Target

      2025-06-02_e693f3c14f69c24e8217c0464cf59dd9_amadey_black-basta_cobalt-strike_coinminer_luca-stealer_satacom_sliver

    • Size

      6.0MB

    Score
    1/10
