ammyyadmin | 7d9779e92331131d76ea6bdbb047ccea2201f4b5c1558c3944a2aa8f5b73b3cf | Triage

Submit
Reports

Overview

overview

Static

static

Device/Har....5.exe

windows7-x64

Device/Har....5.exe

windows10-2004-x64

Sharing

General

Target

AA_v3.5.exe
Size

391KB
Sample

230330-h4wz5sch9x
MD5

8e5460bbf2a4673755b6730db1d9e963
SHA1

fb2a469a087d9226f4c9bed1d86acfb1d40d9b2e
SHA256

7d9779e92331131d76ea6bdbb047ccea2201f4b5c1558c3944a2aa8f5b73b3cf
SHA512

72c938dbb5877410f90019f75f768dc2280d8611fa975bbe64d835760f4c0899cca4655d1d5752b2f78f7eeb15e1c7a9c4e2ea7c9bccb0d8391ccd22c11eb24a
SSDEEP

12288:Ma3CYuRdM83IDJAUZ3KslJcZx3gWMlN7NTKzI:MmCYuR2VV61P6v

Score

10^/10

ammyyadmin flawedammyy trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Device/HarddiskVolume6/SUKUMARANS BACKUP/C Drive/Downloads/AA_v3.5.exe

Resource

win7-20230220-en

flawedammyy trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

Device/HarddiskVolume6/SUKUMARANS BACKUP/C Drive/Downloads/AA_v3.5.exe

Resource

win10v2004-20230220-en

flawedammyy trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  Device/HarddiskVolume6/SUKUMARANS BACKUP/C Drive/Downloads/AA_v3.5.exe
- Size
  
  746KB
- MD5
  
  2cbf5657ffd8858a9597f296a60270c2
- SHA1
  
  b130611c92788337c4f6bb9e9454ff06eb409166
- SHA256
  
  9b3f4d6a9bae4d7f9cfe45e706db8fe4baef51ae12353941e8b1532b231e6eac
- SHA512
  
  06339a299c8c9ce55e9b96582e54e0bf9e04f894ceb47c07486adf8b0140c2a01fd0932207aca8112ee0b16ba8711fee9435e37339aafb94f167b5a736ee7d0b
- SSDEEP
  
  12288:6NgEvTkYGzXUMA7PTgM0YOg26y4RtcxcUwhqb3omaY80NP6gL:6XTszE7PTgM0YOgA4RtcbwhsSYFVL
Score

10^/10

flawedammyy trojan
- FlawedAmmyy RAT
  Remote-access trojan based on leaked code for the Ammyy remote admin software.
  trojan flawedammyy
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

flawedammyytrojan

behavioral2

flawedammyytrojan

© 2018-2025

Terms | Privacy