General

  • Target

    ebc69b5bde229922bf3067e8943a476a38c6914f727323bef5908fc46ae29168

  • Size

    684KB

  • Sample

    221206-gwxq2aba65

  • MD5

    a0a4d0bd41b9c117569f8a1e46a00a3a

  • SHA1

    add33562f3ddedf3c5fb89814f26eb46f90d8d34

  • SHA256

    ebc69b5bde229922bf3067e8943a476a38c6914f727323bef5908fc46ae29168

  • SHA512

    63be9ad4ee7859c1b900d8568f8acdfa52dccf1a1576e9d66a50e9da73d19e8225dc1ceb43b8e659081b7cf85c9122ee3aa75caa98aec4519d12abe728fe6618

  • SSDEEP

    12288:dqpX2zPf0bvoLsU+FKN0fCskD1RtcnzepMqBCzzgf:wOPMrGL+FKNAe1RtkzepMqBCIf

Malware Config

Targets

    • Target

      ebc69b5bde229922bf3067e8943a476a38c6914f727323bef5908fc46ae29168

    • Size

      684KB

    • MD5

      a0a4d0bd41b9c117569f8a1e46a00a3a

    • SHA1

      add33562f3ddedf3c5fb89814f26eb46f90d8d34

    • SHA256

      ebc69b5bde229922bf3067e8943a476a38c6914f727323bef5908fc46ae29168

    • SHA512

      63be9ad4ee7859c1b900d8568f8acdfa52dccf1a1576e9d66a50e9da73d19e8225dc1ceb43b8e659081b7cf85c9122ee3aa75caa98aec4519d12abe728fe6618

    • SSDEEP

      12288:dqpX2zPf0bvoLsU+FKN0fCskD1RtcnzepMqBCzzgf:wOPMrGL+FKNAe1RtkzepMqBCIf

    Score
    10/10
    • FlawedAmmyy RAT

      Remote-access trojan based on leaked code for the Ammyy remote admin software.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v6

Tasks