ammyyadmin | e4b4735e7ce3e06a170cec49d36616bb90d52366422a1b537a062e216250d96a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e4b4735e7ce3e06a170cec49d36616bb90d52366422a1b537a062e216250d96a
Size

921KB
MD5

f13cdfc8d4396d5011ff33171814024a
SHA1

fd63dba23fc42918fba0936ab80d98719826da9c
SHA256

e4b4735e7ce3e06a170cec49d36616bb90d52366422a1b537a062e216250d96a
SHA512

c2ef99b24ac68e5dea79ab474b8d2699f4437153566fe24ec5b7258c2ea9b3d6729701a8ad0a50ffbafe56a3dabd8296790d457c6fd0067c70a70bf28ee11276
SSDEEP

24576:QpJJWOwlaUPcWWwRZb4Rt+N5VMRsHoa1GG+0:QL0Or/pwbBvBHMt0

Score

10^/10

ammyyadmin

Malware Config

Signatures

AmmyyAdmin payload 1 IoCs

resource	yara_rule
sample	family_ammyyadmin

Ammyyadmin family
ammyyadmin

Files

e4b4735e7ce3e06a170cec49d36616bb90d52366422a1b537a062e216250d96a
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 520KB - Virtual size: 519KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 76KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vsp
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE