General

  • Target

    0a2db0793c7d7e186a05c292f55b76b4_JaffaCakes118

  • Size

    994KB

  • Sample

    240430-vqdymadc52

  • MD5

    0a2db0793c7d7e186a05c292f55b76b4

  • SHA1

    33c942c08185eda35f35e5ad1c1303344fe5509e

  • SHA256

    e1b8b6445b69588b956849f669d254deb7ed738618ba3510571a1005c4eeecd7

  • SHA512

    3fe887dd40a84fafb66837184c367a1be0cf79884eb0da2890d14dd501217ba37e9c398660e26e5b838d148f9f7f05adddf63fdfd06aca69aac05e63eda0f8ec

  • SSDEEP

    24576:4MjPJ5g9KVGrdNikfu2hBfK8ilRty5olGJsxy:dJ5gEKNikf3hBfUiWxy

Score
10/10

Malware Config

Targets

    • Ammyy Admin

      Remote administration tool (remote desktop and file transfer). It is legitimate software, but it is frequently bundled or abused to give an attacker interactive access to the host.

    • AmmyyAdmin payload

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely as a geofence: the sample decides whether to proceed based on the host's configured region.

    • Executes dropped EXE

    • Loads dropped DLL
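
The "Checks computer location settings" signature only says that the sample reads the configured country code from the registry. The following is an added example, not part of the sandbox report, of how to triage such lookups in an API trace: it normalizes the hive prefix (friendly name, short name, or native \REGISTRY\ path), matches reads against the standard Windows locale and country values, and reports which process read them. The key and value names are my assumption about what such a signature covers (the report does not name the exact value), and the trace lines are constructed.

```python
"""Flag registry reads that reveal the host's configured country/locale.

Added example, not code from the sandbox report. The registry locations below
are the standard Windows places where the configured country/locale lives and
are an assumption about what a "checks computer location settings" signature
matches; the API trace is constructed for the example.
"""
import json
import re
from typing import Optional

# Key path (hive stripped, lowercase) -> value names that disclose country/locale.
# Assumption: these are the values a geofence check reads.
GEO_KEYS = {
    r"control panel\international": {"locale", "localename", "scountry", "icountry"},
    r"control panel\international\geo": {"nation", "name"},
    r"system\currentcontrolset\control\nls\locale": {"(default)"},
}

# Constructed sandbox API trace, one JSON object per line (not from the report).
SAMPLE_TRACE = r"""
{"pid": 1234, "image": "C:\\Users\\Admin\\AppData\\Local\\Temp\\dropped.exe", "api": "RegOpenKeyExW", "key": "HKEY_CURRENT_USER\\Control Panel\\International"}
{"pid": 1234, "image": "C:\\Users\\Admin\\AppData\\Local\\Temp\\dropped.exe", "api": "RegQueryValueExW", "key": "HKEY_CURRENT_USER\\Control Panel\\International", "value": "sCountry"}
{"pid": 1234, "image": "C:\\Users\\Admin\\AppData\\Local\\Temp\\dropped.exe", "api": "RegQueryValueExW", "key": "\\REGISTRY\\USER\\S-1-5-21-1\\Control Panel\\International\\Geo", "value": "Nation"}
{"pid": 5678, "image": "C:\\Windows\\explorer.exe", "api": "RegQueryValueExW", "key": "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion", "value": "ProgramFilesDir"}
{"pid": 1234, "image": "C:\\Users\\Admin\\AppData\\Local\\Temp\\dropped.exe", "api": "RegQueryValueExW", "key": "HKLM\\SYSTEM\\CurrentControlSet\\Control\\Nls\\Locale", "value": "(Default)"}
"""

# Hive prefixes as they appear in Win32 API logs and in native object paths.
_HIVE_PREFIX = re.compile(
    r"^(?:hkey_current_user|hkcu|hkey_local_machine|hklm|hkey_users|hku|"
    r"\\registry\\user\\[^\\]+|\\registry\\machine)\\",
    re.IGNORECASE,
)


def normalize_key(key: str) -> str:
    """Strip the hive prefix and lowercase so all spellings compare equal."""
    return _HIVE_PREFIX.sub("", key.strip().rstrip("\\")).lower()


def is_geo_lookup(key: str, value: Optional[str]) -> bool:
    """True if reading (key, value) discloses the configured country/locale."""
    names = GEO_KEYS.get(normalize_key(key))
    if names is None:
        return False
    # Opening the key alone is not a lookup; require a read of a known value.
    return value is not None and value.lower() in names


def find_geo_lookups(trace: str) -> list:
    """One finding per RegQueryValueEx call that reads a country/locale value."""
    findings = []
    for line in trace.splitlines():
        line = line.strip()
        if not line:
            continue
        ev = json.loads(line)
        if not ev["api"].lower().startswith("regqueryvalueex"):
            continue
        if is_geo_lookup(ev["key"], ev.get("value")):
            findings.append({
                "pid": ev["pid"],
                "image": ev["image"],
                "key": normalize_key(ev["key"]),
                "value": ev["value"],
            })
    return findings


if __name__ == "__main__":
    for f in find_geo_lookups(SAMPLE_TRACE):
        print(f"pid {f['pid']} {f['image']} read {f['key']}\\{f['value']}")
```

Run against the constructed trace, the dropped executable (pid 1234) is reported three times (sCountry, Geo\Nation and the Nls\Locale default value) while explorer.exe's unrelated read is ignored. Matching only on RegQueryValueEx, not RegOpenKeyEx, keeps ordinary key enumeration from triggering the rule.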

MITRE ATT&CK Enterprise v15

Tasks