General

  • Target

    e4c5cb5600f162c9c2b07dc567eeab9c_JaffaCakes118

  • Size

    1012KB

  • Sample

    240916-pncd5axenk

  • MD5

    e4c5cb5600f162c9c2b07dc567eeab9c

  • SHA1

    704d8eae46449d29aee7d7b56d12db9707b1bd8d

  • SHA256

    3302e919b5141e224999595eb83f1c125da15ee09143bd1c3b263fcbdaec0645

  • SHA512

    2b1ba83e28604d6b88bdcf3b057c9c066b4862516b0906123a5647887e878bb33b8383e0a2fdbfda492fa0d6b58e8815e1b1f1803622cf3b836dff9d487ba6dd

  • SSDEEP

    24576:+MjPJ5g9KVGrdNikfu2hBfK8ilRty5olGJsx5:7J5gEKNikf3hBfUiWx5

Malware Config

Targets

    • Target

      e4c5cb5600f162c9c2b07dc567eeab9c_JaffaCakes118

    • Size

      1012KB

    • MD5

      e4c5cb5600f162c9c2b07dc567eeab9c

    • SHA1

      704d8eae46449d29aee7d7b56d12db9707b1bd8d

    • SHA256

      3302e919b5141e224999595eb83f1c125da15ee09143bd1c3b263fcbdaec0645

    • SHA512

      2b1ba83e28604d6b88bdcf3b057c9c066b4862516b0906123a5647887e878bb33b8383e0a2fdbfda492fa0d6b58e8815e1b1f1803622cf3b836dff9d487ba6dd

    • SSDEEP

      24576:+MjPJ5g9KVGrdNikfu2hBfK8ilRty5olGJsx5:7J5gEKNikf3hBfUiWx5

    • Ammyy Admin

      Remote administration tool. Ammyy Admin is legitimate software, but it is commonly bundled with or dropped by malware to give an operator remote control of the host, so a sample that carries it is treated as delivering a remote-access payload.

    • AmmyyAdmin payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence so the sample only runs (or refuses to run) in particular countries.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build (renamed sections, stripped magic).
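The "UPX packed file" signature fires on structural traits that UPX leaves in a PE file: section names UPX0/UPX1, an empty first section reserved for the unpacked image, a highly compressed second section, and the "UPX!" magic in the header area. The script below is an added example, not the sandbox's own detector and not derived from the submitted sample: it parses PE section headers with the Python standard library and scores those traits, so that a modified UPX that renames sections and strips the magic is still caught by the empty-section plus high-entropy pattern. The PE bytes it builds are constructed for the demonstration, and the 7.0-bit entropy threshold is an assumed heuristic.

```python
import math
import random
import struct

# Default section names written by stock UPX; a modified build may rename them.
UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2", b"UPX3"}
# Magic UPX stores in its pack header; a modified build often patches it out.
UPX_MAGIC = b"UPX!"


def pe_section_headers(data: bytes):
    """Parse the section table of a PE image (stdlib only).
    Returns [(name, virtual_size, virtual_address, raw_size, raw_ptr), ...]."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a PE file (missing MZ header)")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file (missing PE signature)")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_header_size = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + opt_header_size  # section table follows the optional header
    sections = []
    for i in range(num_sections):
        name, vsize, vaddr, rsize, rptr = struct.unpack_from("<8sIIII", data, table + i * 40)
        sections.append((name.rstrip(b"\0"), vsize, vaddr, rsize, rptr))
    return sections


def shannon_entropy(buf: bytes) -> float:
    """Bits per byte; compressed/encrypted data sits close to 8.0."""
    if not buf:
        return 0.0
    counts = [0] * 256
    for b in buf:
        counts[b] += 1
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def upx_indicators(data: bytes, entropy_threshold: float = 7.0) -> dict:
    """Collect the individual UPX traits so an analyst can see which ones fired."""
    sections = pe_section_headers(data)
    names = [s[0] for s in sections]
    entropy = {name: shannon_entropy(data[rptr:rptr + rsize])
               for name, _vs, _va, rsize, rptr in sections if rsize >= 256}
    return {
        "upx_section_names": any(n in UPX_SECTION_NAMES for n in names),
        "upx_magic": UPX_MAGIC in data,
        # UPX0 has a large VirtualSize but no raw data: room for the unpacked image.
        "empty_first_section": bool(sections) and sections[0][3] == 0 and sections[0][1] > 0,
        "high_entropy_section": any(e >= entropy_threshold for e in entropy.values()),
        "section_entropy": {n.decode("latin-1"): round(e, 2) for n, e in entropy.items()},
    }


def is_upx_packed(data: bytes) -> bool:
    """Stock UPX: names or magic. Modified UPX: empty first section + compressed payload."""
    ind = upx_indicators(data)
    return bool(ind["upx_section_names"] or ind["upx_magic"]
                or (ind["empty_first_section"] and ind["high_entropy_section"]))


def build_sample_pe(packed: bool) -> bytes:
    """Constructed test input (not a real binary): minimal PE with three sections,
    laid out like UPX output when packed=True, like an ordinary build otherwise."""
    rng = random.Random(1)
    opt_header_size = 0xE0
    hdr = bytearray(0x400)
    hdr[0:2] = b"MZ"
    struct.pack_into("<I", hdr, 0x3C, 0x40)            # e_lfanew
    hdr[0x40:0x44] = b"PE\0\0"
    # COFF: Machine, NumberOfSections, TimeDateStamp, PtrSymTab, NumSyms, SizeOfOptionalHeader, Characteristics
    struct.pack_into("<HHIIIHH", hdr, 0x44, 0x14C, 3, 0, 0, 0, opt_header_size, 0x102)
    table = 0x44 + 20 + opt_header_size
    if packed:
        secs = [(b"UPX0", 0x10000, 0x1000, 0, 0x400),
                (b"UPX1", 0x2000, 0x11000, 0x800, 0x400),
                (b".rsrc", 0x200, 0x13000, 0x200, 0xC00)]
        body = bytes(rng.getrandbits(8) for _ in range(0x800))  # stands in for compressed data
    else:
        secs = [(b".text", 0x800, 0x1000, 0x800, 0x400),
                (b".data", 0x200, 0x2000, 0x200, 0xC00),
                (b".rsrc", 0x200, 0x3000, 0x200, 0xE00)]
        body = b"\xCC" * 0x800                                 # low-entropy code stand-in
    for i, s in enumerate(secs):
        struct.pack_into("<8sIIII", hdr, table + i * 40, *s)
    if packed:
        end = table + 3 * 40
        hdr[end:end + 4] = UPX_MAGIC                            # pack header sits after the section table
    return bytes(hdr) + body + b"\x00" * 0x400


if __name__ == "__main__":
    import sys
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe(packed=True)
    print(upx_indicators(blob), "packed:", is_upx_packed(blob))
```

Run it against a file path to triage a real sample; with no argument it runs on the constructed packed sample. Treat the result as a packer hint, not an identification: other packers also leave an empty first section followed by high-entropy data, and a UPX build that has been further modified to add a real first section will only show up in the entropy figures.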

MITRE ATT&CK Enterprise v15

Tasks