General

  • Target

    fcc84b2913606db9ed575affe65591ae

  • Size

    322KB

  • MD5

    fcc84b2913606db9ed575affe65591ae

  • SHA1

    a6b6c3e28d245df70c307c354eab877e5fb8efd2

  • SHA256

    34ee9da62967a53c3bf97f9301aa9353a3b42e5bd40c3122b929e50e08d146c5

  • SHA512

    5e6f9b0040acea1dce8463bd30eb7905de215fd378d112a4d50dd80303539c38e1f516b7512297c215ae77050445785f994a96b7c8ea94a075ea340229b7e0c7

  • SSDEEP

    6144:MtU6T/wE1MFGonDrJU2kY1b94hsmjVTPdgBGE7YpqTFIVo+AxU36WDbl3:aU+/wEKAonDrFyhtTR+YQTL+Axg

Score
10/10

Malware Config

Signatures

  • AmmyyAdmin payload 1 IoCs
  • Ammyyadmin family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • fcc84b2913606db9ed575affe65591ae
    .exe windows:4 windows x86 arch:x86



  • out.upx
    .exe windows:4 windows x86 arch:x86

