ammyyadmin | dd85d2a0e71d34b389efa691ea895415ea9a023c9ef61d5147bb2b8fb7e4d7b8 | Triage

Submit
Reports

Overview

overview

Static

static

4aebaeb95e...18.exe

windows7-x64

4aebaeb95e...18.exe

windows10-2004-x64

Sharing

General

Target

4aebaeb95e8c940900b4b3e8fe34368e_JaffaCakes118
Size

994KB
Sample

240516-nza5rsba6v
MD5

4aebaeb95e8c940900b4b3e8fe34368e
SHA1

a3aefd9283e47b2d7b889bb5a1a44afdaff511fa
SHA256

dd85d2a0e71d34b389efa691ea895415ea9a023c9ef61d5147bb2b8fb7e4d7b8
SHA512

ebf534d2efdf47e42ee7013d540809162c9fbd2f052b3c278b8bb4db0051ec72a1812a3ddfdba56a26cb3e2421c224222974f9dd3f12bcd2a98c452daed00abe
SSDEEP

24576:4MjPJ5g9KVGrdNikfu2hBfK8ilRty5olGJsx+:dJ5gEKNikf3hBfUiWx+

Score

10^/10

ammyyadmin rat

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

4aebaeb95e8c940900b4b3e8fe34368e_JaffaCakes118.exe

Resource

win7-20240508-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

4aebaeb95e8c940900b4b3e8fe34368e_JaffaCakes118.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  4aebaeb95e8c940900b4b3e8fe34368e_JaffaCakes118
- Size
  
  994KB
- MD5
  
  4aebaeb95e8c940900b4b3e8fe34368e
- SHA1
  
  a3aefd9283e47b2d7b889bb5a1a44afdaff511fa
- SHA256
  
  dd85d2a0e71d34b389efa691ea895415ea9a023c9ef61d5147bb2b8fb7e4d7b8
- SHA512
  
  ebf534d2efdf47e42ee7013d540809162c9fbd2f052b3c278b8bb4db0051ec72a1812a3ddfdba56a26cb3e2421c224222974f9dd3f12bcd2a98c452daed00abe
- SSDEEP
  
  24576:4MjPJ5g9KVGrdNikfu2hBfK8ilRty5olGJsx+:dJ5gEKNikf3hBfUiWx+
Score

10^/10

ammyyadmin rat
- Ammyy Admin
  Remote admin tool with various capabilities.
  rat ammyyadmin
- AmmyyAdmin payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy