ammyyadmin | c1bfd7bae65c6f46a8d512dd23a522d495e9a58a91d43bd1b43251e935a5acd3 | Triage

Submit
Reports

Overview

overview

Static

static

Panel.zip

windows7-x64

1

Panel.zip

windows10-2004-x64

Sharing

General

Target

Panel.zip
Size

16.6MB
Sample

230927-s5zsjada54
MD5

d222e3125398296227d2c9c2dbaaafe7
SHA1

6d213201350b6241ff7f8cba9a0777fe905c1343
SHA256

c1bfd7bae65c6f46a8d512dd23a522d495e9a58a91d43bd1b43251e935a5acd3
SHA512

e40d98f15198bd60dc54abece897f84c61c493008a74218337668dc2bcbbd4185a9ce73eccd4e7224f21f863db7d340b5c884514b6401471cd83bd0ed58f1ec3
SSDEEP

393216:4weRpAsRdRWjY8J98vYOrSrur2LoK7xhiI+22irORI0:4wED0Nb8vYRDH2+2fR1

Score

10^/10

ammyyadmin flawedammyy trojan

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

Panel.zip

Resource

win7-20230831-en

windows7-x64

0 signatures

300 seconds

Behavioral task

behavioral2

Sample

Panel.zip

Resource

win10v2004-20230915-en

flawedammyy trojan

windows10-2004-x64

13 signatures

300 seconds

Malware Config

Targets

- Target
  
  Panel.zip
- Size
  
  16.6MB
- MD5
  
  d222e3125398296227d2c9c2dbaaafe7
- SHA1
  
  6d213201350b6241ff7f8cba9a0777fe905c1343
- SHA256
  
  c1bfd7bae65c6f46a8d512dd23a522d495e9a58a91d43bd1b43251e935a5acd3
- SHA512
  
  e40d98f15198bd60dc54abece897f84c61c493008a74218337668dc2bcbbd4185a9ce73eccd4e7224f21f863db7d340b5c884514b6401471cd83bd0ed58f1ec3
- SSDEEP
  
  393216:4weRpAsRdRWjY8J98vYOrSrur2LoK7xhiI+22irORI0:4wED0Nb8vYRDH2+2fR1
Score

10^/10

flawedammyy trojan
- FlawedAmmyy RAT
  Remote-access trojan based on leaked code for the Ammyy remote admin software.
  trojan flawedammyy
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

flawedammyytrojan

© 2018-2024

Terms | Privacy