General

  • Target

    aaff17eadc614fef4f065d69d4a5950a

  • Size

    941KB

  • Sample

    240228-e1qgeaah4v

  • MD5

    aaff17eadc614fef4f065d69d4a5950a

  • SHA1

    cf8df38958d6ec0bca31b41d244170274f4ae17c

  • SHA256

    af5450d6ec23249783f1119c8716059194be2e40f4574f697dab72eac0223092

  • SHA512

    305f6562e71547faf3e9a4a30c685698757654808e54d9432c615cb60b5562c2db780bf46dcae574ad0f877712853d09263f0503d79e10534c2ce768e7db788f

  • SSDEEP

    24576:4MjPJ5g9KVGrdNikfu2hBfK8ilRty5olGJsx3:dJ5gEKNikf3hBfUiWx3

Score
10/10

Malware Config

Targets

    • Target

      aaff17eadc614fef4f065d69d4a5950a

    Score
    10/10
    • Ammyy Admin

      Remote admin tool with various capabilities.

    • AmmyyAdmin payload

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks