General

  • Target

    d260bab3f77e21df19a76ff9d9795d50_NeikiAnalytics

  • Size

    956KB

  • Sample

    240515-pvt8hshh98

  • MD5

    d260bab3f77e21df19a76ff9d9795d50

  • SHA1

    f22e0cbc2d344fbd19b12d02320881e53d9e251f

  • SHA256

    f562ae4ac6fb307a2e3d0e8ab5af0ac38c3ed238e792550df6d09e0071b8ec55

  • SHA512

    287b533ceae2a2c4a3f3a4a1e537dce9c0137789faa057f822d43b05304704f2d798c9b6df05cb3308c815228a86670273354c9d5c07941c3902946fd66972ff

  • SSDEEP

    24576:4MjPJ5g9KVGrdNikfu2hBfK8ilRty5olGJsxE:dJ5gEKNikf3hBfUiWxE

Score
10/10

Targets

    • Target

      d260bab3f77e21df19a76ff9d9795d50_NeikiAnalytics

    Score
    10/10
    • Ammyy Admin

      Remote admin tool with various capabilities.

    • AmmyyAdmin payload

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
