General

  • Target

    336948862bcd646d816c57c66115d835_JaffaCakes118

  • Size

    994KB

  • Sample

    240511-h6zttadc3z

  • MD5

    336948862bcd646d816c57c66115d835

  • SHA1

    45fdc37da7dbfd68e81ebba09f3b55490e6b1142

  • SHA256

    0b168b35821896e78a88efec428547e4959fc45981ce54b72cf8734403b31974

  • SHA512

    20577fde9851538e167d0f7a777ebd4b9a6c94aee6c5635e12cbd0e6980577a8541df47aa6e9a0c87ab7f93337801efc139486b29b87e0090e667854220aa1af

  • SSDEEP

    24576:4MjPJ5g9KVGrdNikfu2hBfK8ilRty5olGJsxl:dJ5gEKNikf3hBfUiWxl

Score
10/10

Malware Config

Targets

    • Ammyy Admin

      Remote admin tool with various capabilities.

    • AmmyyAdmin payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks