General
-
Target
c5d8730d4262ad37537b5d884cde2c99
-
Size
322KB
-
Sample
240313-pdgk4acf3t
-
MD5
c5d8730d4262ad37537b5d884cde2c99
-
SHA1
9e5430bc88b767310996eacf4a3ddf1061d63fc4
-
SHA256
9193216fe32d889861b89e30af51717757272e4bfa22d9166d0ae95eb985204c
-
SHA512
20e1db6c58cd3a755ee32458d0c386c6c47962355360197cca7ea6156f6ff8f6a4a6526396408c8679defbf4b84ce8a8529bde9ddb181df52fb065a75f750228
-
SSDEEP
6144:zjyKtN1B0fiy4ckLfSybXY3hcT04g/ia7Febn6KDDkNb9wey56uwyKERwD9cXg:zttN12fiIafZY3hcT4Ka7E76BNb9Zy5Y
Behavioral task
behavioral1
Sample
AA_v3.1.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
AA_v3.1.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
AA_v3.1.exe
-
Size
717KB
-
MD5
9561c8f7bd981a9eaac23ec6fa9a65e5
-
SHA1
519d06745dad2be35d2de25f9739b80ea64e1fdd
-
SHA256
0fd5789a6ff2a978eddc093ac89df7192d17fd73825042c44acc844d7aa6517e
-
SHA512
6f263987d0d432d7b8d6080be1a5bd69d35f458ada851c301ec4162d91e14e9a6fcd20115920943ebf86ea4a64fd4c6e781ab430cc0c8eed97a5ed834686ae5b
-
SSDEEP
12288:UKHp9fDIItMm2o44sGTdBqWvwD+8ChCbW3XTjY1r1RtH8ePhAU5u0AhpZxAh9gJ:UorLkbDEhyW3XS1RtcePKUBATZxXJ
Score10/10-
FlawedAmmyy RAT
Remote-access trojan based on leaked code for the Ammyy remote admin software.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-