ammyyadmin | 0b0509972e95ddafc7b76fd4e85ef138d1bead1917542d8e4d3478c27b21fcd3 | Triage

Submit
Reports

Overview

overview

Static

static

AA_v3.exe

windows7-x64

AA_v3.exe

windows10-2004-x64

Sharing

General

Target

6fc6b6764eb4ac80f8e95a2f0f90fb01_JaffaCakes118
Size

405KB
Sample

240524-ze1qgaac7y
MD5

6fc6b6764eb4ac80f8e95a2f0f90fb01
SHA1

10561141d08a8f65ad7ae5f075830d3c0100ced6
SHA256

0b0509972e95ddafc7b76fd4e85ef138d1bead1917542d8e4d3478c27b21fcd3
SHA512

35a5ac8df0f5b96e497892f41822efdb0b967211d15282e1f1fe8556b59f45e6aa605eeb37824838ffb71806181177585fc9d9f4914f0f06e0e1a2ef7418064d
SSDEEP

12288:eu+0za6/lL3S5gHey3Ut/x3VEMme92UG4OWN0p:eu+qaYL3ae3Ut/xlEMcUJfN0p

Score

10^/10

ammyyadmin flawedammyy trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

AA_v3.exe

Resource

win7-20240508-en

flawedammyy trojan

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

AA_v3.exe

Resource

win10v2004-20240508-en

flawedammyy trojan

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  AA_v3.exe
- Size
  
  778KB
- MD5
  
  121e1634bf18768802427f0a13f039a9
- SHA1
  
  8868654ba10fb4c9a7bd882d1f947f4fd51e988e
- SHA256
  
  5fc600351bade74c2791fc526bca6bb606355cc65e5253f7f791254db58ee7fa
- SHA512
  
  393df326af3109fe701b579b73f42f7a9b155bb4df6ea7049ad3ae9fdd03446576b887a99eb7a0d59949a7a63367e223253448b6f1a0ebeaf358fa2873dcc200
- SSDEEP
  
  12288:hSX+EvrCA3FNIs34Zk1L1ZSNlm3Spsal6lbRtMuStGKcsCSqcl90Va1ugp:2FNN4Zk1LTclm3e1kbRtyGKcpHcl517p
Score

10^/10

flawedammyy trojan
- FlawedAmmyy RAT
  Remote-access trojan based on leaked code for the Ammyy remote admin software.
  trojan flawedammyy
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

flawedammyytrojan

behavioral2

flawedammyytrojan

© 2018-2024

Terms | Privacy