General

  • Target

    18966a28fba7a616962f90694009a466

  • Size

    708KB

  • Sample

    231230-pp388sbcd2

  • MD5

    18966a28fba7a616962f90694009a466

  • SHA1

    4f7ac1f55f093bf3c7dc0fb6971a6da701793a56

  • SHA256

    847a62b88f8e17d9face6fac84037a125f66c4db0f1cdbf464305f053578d37b

  • SHA512

    3a0073e82cdf16bb3accb1512f2bfb5da15ab9f12eeb0616fedfbed2a877fcf52be91017523ab121549e3b0a2501974137c0d88c2c56472f6adf45f0a021b8bd

  • SSDEEP

    12288:yVr29UGEg6VUM5oAL1jq3E2jj0NOjAqHKtCessZWjya7VM1en9Nm1RtNeCVao2Vy:oUbj4qwCessA41Rt0CVMVZtxI

Malware Config

Targets

    • Target

      18966a28fba7a616962f90694009a466

    • Size

      708KB

    • MD5

      18966a28fba7a616962f90694009a466

    • SHA1

      4f7ac1f55f093bf3c7dc0fb6971a6da701793a56

    • SHA256

      847a62b88f8e17d9face6fac84037a125f66c4db0f1cdbf464305f053578d37b

    • SHA512

      3a0073e82cdf16bb3accb1512f2bfb5da15ab9f12eeb0616fedfbed2a877fcf52be91017523ab121549e3b0a2501974137c0d88c2c56472f6adf45f0a021b8bd

    • SSDEEP

      12288:yVr29UGEg6VUM5oAL1jq3E2jj0NOjAqHKtCessZWjya7VM1en9Nm1RtNeCVao2Vy:oUbj4qwCessA41Rt0CVMVZtxI

    Score
    10/10
    • FlawedAmmyy RAT

      Remote-access trojan based on leaked code for the Ammyy remote admin software.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15

Tasks