General
-
Target
18e6fbf3a7799ead04694742028458de
-
Size
701KB
-
Sample
231230-pyjwysbbcr
-
MD5
18e6fbf3a7799ead04694742028458de
-
SHA1
cc42326f7cd7d68bb4a5f78e6b9807bb1c92d6d5
-
SHA256
60797554cc5556d0a2e631d34a599a110b620cfdd2438a049ebe355699f510fa
-
SHA512
48ad9211e79b1e3f35b191a06d1f19f4c32291c598b21f117c8d6f90bd1ca18ab134d35c726405ab63a233c180e708ea23db2a436f052d763457aed476fb2a87
-
SSDEEP
12288:hqpX2zPf0bvoLsU+FKN0fCskD1RtcnzepMqBCz3gI:cOPMrGL+FKNAe1RtkzepMqBCkI
Behavioral task
behavioral1
Sample
18e6fbf3a7799ead04694742028458de.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
18e6fbf3a7799ead04694742028458de.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
18e6fbf3a7799ead04694742028458de
-
Size
701KB
-
MD5
18e6fbf3a7799ead04694742028458de
-
SHA1
cc42326f7cd7d68bb4a5f78e6b9807bb1c92d6d5
-
SHA256
60797554cc5556d0a2e631d34a599a110b620cfdd2438a049ebe355699f510fa
-
SHA512
48ad9211e79b1e3f35b191a06d1f19f4c32291c598b21f117c8d6f90bd1ca18ab134d35c726405ab63a233c180e708ea23db2a436f052d763457aed476fb2a87
-
SSDEEP
12288:hqpX2zPf0bvoLsU+FKN0fCskD1RtcnzepMqBCz3gI:cOPMrGL+FKNAe1RtkzepMqBCkI
Score10/10-
FlawedAmmyy RAT
Remote-access trojan based on leaked code for the Ammyy remote admin software.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-