ahmyth | 9be1b3efd006ebc4b5183ee57d0a127631bf64f9e1d96b93d3aec3df5664665e | Triage

Sharing

General

Target

AhMyth-Setup_ia32.exe
Size

102.7MB
Sample

240702-rby4gazcqm
MD5

6028f29cc52658b28bfb3b25367e64b8
SHA1

7a8ced5be410a3dd157ce9fac99bb1c264c6430c
SHA256

9be1b3efd006ebc4b5183ee57d0a127631bf64f9e1d96b93d3aec3df5664665e
SHA512

d3eefce64005673e90f099fdfd94a5de4c892ddab62d6004d6c60081a641e7ac757c669fd660ad90d7a6ca0978c8383e499bb86b2c4386fd7ef3134d80075ce6
SSDEEP

3145728:jbwV80nfz18Pjbn+a1UdvjkKgWEIY/LepyYyAeKB:EbzqPjbnpqjk7OH0YyJKB

Score

10^/10

ahmyth discovery

Malware Config

Extracted

Family

ahmyth

C2

http://192.168.225.241:42474

Targets

- Target
  
  AhMyth-Setup_ia32.exe
- Size
  
  102.7MB
- MD5
  
  6028f29cc52658b28bfb3b25367e64b8
- SHA1
  
  7a8ced5be410a3dd157ce9fac99bb1c264c6430c
- SHA256
  
  9be1b3efd006ebc4b5183ee57d0a127631bf64f9e1d96b93d3aec3df5664665e
- SHA512
  
  d3eefce64005673e90f099fdfd94a5de4c892ddab62d6004d6c60081a641e7ac757c669fd660ad90d7a6ca0978c8383e499bb86b2c4386fd7ef3134d80075ce6
- SSDEEP
  
  3145728:jbwV80nfz18Pjbn+a1UdvjkKgWEIY/LepyYyAeKB:EbzqPjbnpqjk7OH0YyJKB
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
  discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1