General

  • Target

    2025-06-04_47f4d27965d80ecf420913296cca8366_black-basta_coinminer_ryuk_sliver

  • Size

    3.3MB

  • Sample

    250604-w2z6nshj9y

  • MD5

    47f4d27965d80ecf420913296cca8366

  • SHA1

    6df11c6395a5fecca1bc7e268382cfcfd4a4b8cc

  • SHA256

    bc9a1ba87e1ad557c4781fd6fb036b7f37ae414e4b31425c3168bec0706d06d4

  • SHA512

    a3c2d9c5db91d687165ab7be0cecc3f717aafecea94863a7ec7ba9945ea6beaf5addde73efae14b47a025662d5d6b882c5888c3a4192da2a5ffb9787624b84d1

  • SSDEEP

    49152:GdZEy2B6vflQf6X8uZQoy3vR6QVQy5Z+bm4M/HMFvfGW0/7Z7Ib3jxw5bJ:GHvfGfZvZj1/N/z/owJJ

Score
10/10

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

zahiir

C2

http://stargate.aphelion.cloud:443/agent.ashx

Attributes
  • mesh_id

    0x5626A9550B462A0773273F6D529E877CBCCB0443ABF838412F3C94115D07EA5EB4B7ACF689662357D11718FA94482A6F

  • server_id

    05ABCF3A54F3ACD39A08326D4591BE6676E4D5FF56BBE9AD083F56A522086CA55C38402AFB64AD8833AE9C1F1AF45DB2

  • wss

    wss://stargate.aphelion.cloud:443/agent.ashx

Targets

    • Target

      2025-06-04_47f4d27965d80ecf420913296cca8366_black-basta_coinminer_ryuk_sliver


    Score
    1/10
