General
-
Target
Unconfirmed 517520.crdownload
-
Size
422KB
-
Sample
230920-hf58xagf56
-
MD5
5c4a6580e85a139edc65fc4576fef452
-
SHA1
2f744e7bfdc686f86dc20f2e9208b8d3b67b0d20
-
SHA256
0aa73f2d4d2fc700b04a037ffc49f79b187c679b9a7773508c718b81af1b7af3
-
SHA512
4268b738fa438ca45df9d650c0c05e95b93a8fe916b477db72035d779a04bd4fc3e51a43993259e9b63a68fbf1030f9d55232ef2e6912e51b1d540d8ec17dc3c
-
SSDEEP
12288:F3+9g2aWVn8DJupEoI9Shla4zb7vAJfSf3F:x2pgupg4zbiq/F
Behavioral task
behavioral1
Sample
Device/HarddiskVolume3/Users/WissamIH/Downloads/Unconfirmed 517520.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
Device/HarddiskVolume3/Users/WissamIH/Downloads/Unconfirmed 517520.exe
Resource
win10v2004-20230915-en
Malware Config
Targets
-
Target
Device/HarddiskVolume3/Users/WissamIH/Downloads/Unconfirmed 517520.crdownload
-
Size
798KB
-
MD5
90aadf2247149996ae443e2c82af3730
-
SHA1
050b7eba825412b24e3f02d76d7da5ae97e10502
-
SHA256
ee573647477339784dcef81024de1be1762833a20e5cc2b89a93e47d05b86b6a
-
SHA512
eec32bb82b230dd309c29712e72d4469250e651449e127479d178eddbafd5a46ec8048a753bc2c1a0fdf1dc3ed72a9453ca66fb49cbf0f95a12704e5427182be
-
SSDEEP
24576:Uj0JJ4p/A4npt3XojeQG5EtzRtO7GvmDguXd:UjoJ4u4zojegylDN
Score
10/10
-
FlawedAmmyy RAT
Remote-access trojan based on leaked code for the Ammyy remote admin software.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.