General

  • Target

    26661041b890d9c38d609f4b0f5808b7_JaffaCakes118

  • Size

    993KB

  • Sample

    240508-ybzhkabg8w

  • MD5

    26661041b890d9c38d609f4b0f5808b7

  • SHA1

    b0617a5e7b3f0b7fc00f10a394f23d14fc383394

  • SHA256

    c8699c13e051aa010b2aa009718f4fb0f1305e064ebce58367b4f1a407c1672c

  • SHA512

    75387428ec4377bc61777b9bfcfb884774ec38b40e5988fc9edbf23d536b7f9fc2ee32c93c46598b0616edca50912c71d5f68a6a6ad9259d5a45cce9325b6af6

  • SSDEEP

    24576:4MjPJ5g9KVGrdNikfu2hBfK8ilRty5olGJsxR:dJ5gEKNikf3hBfUiWxR

Score
10/10

Targets

    • Target

      26661041b890d9c38d609f4b0f5808b7_JaffaCakes118

    • Ammyy Admin

      Remote admin tool with various capabilities.

    • AmmyyAdmin payload

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
