General

  • Target

    Panel.zip

  • Size

    16.6MB

  • Sample

    230927-s5zsjada54

  • MD5

    d222e3125398296227d2c9c2dbaaafe7

  • SHA1

    6d213201350b6241ff7f8cba9a0777fe905c1343

  • SHA256

    c1bfd7bae65c6f46a8d512dd23a522d495e9a58a91d43bd1b43251e935a5acd3

  • SHA512

    e40d98f15198bd60dc54abece897f84c61c493008a74218337668dc2bcbbd4185a9ce73eccd4e7224f21f863db7d340b5c884514b6401471cd83bd0ed58f1ec3

  • SSDEEP

    393216:4weRpAsRdRWjY8J98vYOrSrur2LoK7xhiI+22irORI0:4wED0Nb8vYRDH2+2fR1

Targets

    • Target

      Panel.zip

    Score
    10/10
    • FlawedAmmyy RAT

      Remote-access trojan based on leaked code for the Ammyy remote admin software.

    • Executes dropped EXE

    • Drops file in System32 directory
