ammyyadmin | 32818a2dc7457ccc4f37444ccefc1cf1435657480c152b0ebb1c50833ed56eee | Triage

Submit
Reports

Overview

overview

Static

static

sys09.exe

windows10-2004-x64

Resubmissions

24-03-2023 20:48

230324-zlhhgabd8x 10

24-03-2023 20:47

230324-zkt5wahc59 10

23-01-2023 22:26

230123-2crqwsfg87 10

21-01-2023 00:40

230121-a1a99sca71 10

Sharing

General

Target

MDE_File_Sample_c6bff7857fdf33cbd8f052ef5d669675e5cf06f8.zip
Size

393KB
Sample

230121-a1a99sca71
MD5

857731efbdc857279fc4a6a7b10f5606
SHA1

0f7ba2764948f7daf25e45f383781ebc65863995
SHA256

32818a2dc7457ccc4f37444ccefc1cf1435657480c152b0ebb1c50833ed56eee
SHA512

0581d3ac2f65921d7990744a7d2e1e973b9187078e0bb2a5ef034ce78fc9622279263857085ea655a6d0393e0b95138837a950f996eefe96ddcc065965c8812d
SSDEEP

12288:QtQjd09Ot3Y5UPrw5665ONxvPbP4/WFtW:QtkMOtICPrwE65OvvJ/W

Score

10^/10

ammyyadmin flawedammyy trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

sys09.exe

Resource

win10v2004-20220812-en

flawedammyy trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  sys09.exe
- Size
  
  751KB
- MD5
  
  4d853025b8cd8c725bf78e3df6cce967
- SHA1
  
  c6bff7857fdf33cbd8f052ef5d669675e5cf06f8
- SHA256
  
  4f648c95b8c832742b8b43f4e70689d0ef0328841744858c75d0a4e98fda5ff8
- SHA512
  
  977e43eaa763cc66114e00a615818c66a84a5a47bac1cdf21eff9f8f1dcebf138d8ede823265a2f30807d648c57bf036818254964358691d3f9a013f930705cf
- SSDEEP
  
  12288:Tc0dZib4t9uOroAgUHvCUt4RtlTc+YNKpQsNvVd1gF:Tc/UtwOrZgUHv54Rt6+YNkQsNmF
Score

10^/10

flawedammyy trojan
- FlawedAmmyy RAT
  Remote-access trojan based on leaked code for the Ammyy remote admin software.
  trojan flawedammyy
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

flawedammyytrojan

© 2018-2024

Terms | Privacy