ammyyadmin | 847a62b88f8e17d9face6fac84037a125f66c4db0f1cdbf464305f053578d37b | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

18966a28fb...66.exe

windows7-x64

18966a28fb...66.exe

windows10-2004-x64

Sharing

General

Target

18966a28fba7a616962f90694009a466
Size

708KB
Sample

231230-pp388sbcd2
MD5

18966a28fba7a616962f90694009a466
SHA1

4f7ac1f55f093bf3c7dc0fb6971a6da701793a56
SHA256

847a62b88f8e17d9face6fac84037a125f66c4db0f1cdbf464305f053578d37b
SHA512

3a0073e82cdf16bb3accb1512f2bfb5da15ab9f12eeb0616fedfbed2a877fcf52be91017523ab121549e3b0a2501974137c0d88c2c56472f6adf45f0a021b8bd
SSDEEP

12288:yVr29UGEg6VUM5oAL1jq3E2jj0NOjAqHKtCessZWjya7VM1en9Nm1RtNeCVao2Vy:oUbj4qwCessA41Rt0CVMVZtxI

Score

10^/10

ammyyadmin flawedammyy trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

18966a28fba7a616962f90694009a466.exe

Resource

win7-20231215-en

flawedammyy trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

18966a28fba7a616962f90694009a466.exe

Resource

win10v2004-20231215-en

flawedammyy trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  18966a28fba7a616962f90694009a466
- Size
  
  708KB
- MD5
  
  18966a28fba7a616962f90694009a466
- SHA1
  
  4f7ac1f55f093bf3c7dc0fb6971a6da701793a56
- SHA256
  
  847a62b88f8e17d9face6fac84037a125f66c4db0f1cdbf464305f053578d37b
- SHA512
  
  3a0073e82cdf16bb3accb1512f2bfb5da15ab9f12eeb0616fedfbed2a877fcf52be91017523ab121549e3b0a2501974137c0d88c2c56472f6adf45f0a021b8bd
- SSDEEP
  
  12288:yVr29UGEg6VUM5oAL1jq3E2jj0NOjAqHKtCessZWjya7VM1en9Nm1RtNeCVao2Vy:oUbj4qwCessA41Rt0CVMVZtxI
Score

10^/10

flawedammyy trojan
- FlawedAmmyy RAT
  Remote-access trojan based on leaked code for the Ammyy remote admin software.
  trojan flawedammyy
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

flawedammyytrojan

behavioral2

flawedammyytrojan

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.