General
-
Target
ebc69b5bde229922bf3067e8943a476a38c6914f727323bef5908fc46ae29168
-
Size
684KB
-
Sample
221206-gwxq2aba65
-
MD5
a0a4d0bd41b9c117569f8a1e46a00a3a
-
SHA1
add33562f3ddedf3c5fb89814f26eb46f90d8d34
-
SHA256
ebc69b5bde229922bf3067e8943a476a38c6914f727323bef5908fc46ae29168
-
SHA512
63be9ad4ee7859c1b900d8568f8acdfa52dccf1a1576e9d66a50e9da73d19e8225dc1ceb43b8e659081b7cf85c9122ee3aa75caa98aec4519d12abe728fe6618
-
SSDEEP
12288:dqpX2zPf0bvoLsU+FKN0fCskD1RtcnzepMqBCzzgf:wOPMrGL+FKNAe1RtkzepMqBCIf
Behavioral task
behavioral1
Sample
ebc69b5bde229922bf3067e8943a476a38c6914f727323bef5908fc46ae29168.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
ebc69b5bde229922bf3067e8943a476a38c6914f727323bef5908fc46ae29168.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
ebc69b5bde229922bf3067e8943a476a38c6914f727323bef5908fc46ae29168
-
Score
10/10
-
FlawedAmmyy RAT
Remote-access trojan based on leaked code for the Ammyy remote admin software.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-