General

  • Target

    d8829f7135eba7a5c35870333582733a5a586d354a82490b69bf1e772118dc5eN

  • Size

    1013KB

  • Sample

    241009-ps72lavbmk

  • MD5

    d64b1982a74b76baff2ea716f543c250

  • SHA1

    c7cb1c0b7686def8168f42af3cd7a9ce526a0372

  • SHA256

    d8829f7135eba7a5c35870333582733a5a586d354a82490b69bf1e772118dc5e

  • SHA512

    b504b363c952221317365f52a72875c2b4b3eba0d12e23e311595eb8917c359369da23a49511cab919a8f2363219e7dc69c100d496cb0f3323d2df4065fd4e54

  • SSDEEP

    24576:+MjPJ5g9KVGrdNikfu2hBfK8ilRty5olGJsxc:7J5gEKNikf3hBfUiWxc

Targets

    • Target

      d8829f7135eba7a5c35870333582733a5a586d354a82490b69bf1e772118dc5eN

    • Ammyy Admin

      Ammyy Admin is a legitimate remote administration tool (remote desktop, file transfer, voice chat) that is frequently repackaged and abused for unauthorized remote access; treat an unexpected instance as attacker tooling until proven otherwise.

    • AmmyyAdmin payload

    • Checks computer location settings

      Reads the country code configured in the registry's locale settings, most likely as a geofence so the sample only runs, or refuses to run, in selected countries. When reproducing behaviour in a sandbox, set the locale to match the expected victim region or the payload may never trigger.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build. Packing hides the real code and import table from static scanning; unpack first (upx -d works only for stock UPX, a modified build needs a memory dump after the stub has run).
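The UPX signature above rests on structural traces the packer leaves in the PE: sections named UPX0/UPX1 and a "UPX!" marker in the decompression stub. The following is an added example, not code from the sandbox or the report, that walks the PE section table and reports those traces; the PE skeleton it builds for testing is constructed in memory and has nothing to do with the sample listed here.

```python
import struct

# UPX leaves recognisable traces in the PE it produces: the sections are
# named UPX0/UPX1 (UPX2 when a resource section is kept) and the
# decompression stub carries a "UPX!" marker.  Modified UPX builds often
# rename the sections or strip the marker, so this is a first-pass check,
# not proof of absence.
UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2"}
UPX_MARKER = b"UPX!"


def pe_section_names(data):
    """Walk the PE headers and return the section names in table order."""
    if len(data) < 64 or data[:2] != b"MZ":
        raise ValueError("not a PE file: missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 60)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise ValueError("not a PE file: missing PE signature")
    coff = e_lfanew + 4                       # IMAGE_FILE_HEADER
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + opt_size              # first IMAGE_SECTION_HEADER
    names = []
    for i in range(num_sections):
        raw = data[table + i * 40: table + i * 40 + 8]
        if len(raw) < 8:
            break                             # truncated section table
        names.append(raw.rstrip(b"\x00"))
    return names


def detect_upx(data):
    """Return a verdict dict: which UPX section names occur and whether the
    'UPX!' marker appears anywhere in the file."""
    names = pe_section_names(data)
    hits = [n for n in names if n in UPX_SECTION_NAMES]
    marker = UPX_MARKER in data
    return {
        "section_names": names,
        "upx_sections": hits,
        "upx_marker": marker,
        "packed": bool(hits) or marker,
    }


def build_minimal_pe(section_names, trailer=b""):
    """Constructed test input: a bare PE skeleton (DOS header, PE signature,
    COFF header, empty PE32 optional header, section table) with the given
    section names.  It is not executable and is not derived from the sample."""
    dos = bytearray(64)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 60, 64)                         # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names),   # i386, n sections
                       0, 0, 0, 224, 0x0102)                    # opt hdr size, characteristics
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                       # PE32 magic
    table = b"".join(n.ljust(8, b"\x00") + bytes(32) for n in section_names)
    return bytes(dos) + b"PE\x00\x00" + coff + bytes(opt) + table + trailer


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as f:
            print(detect_upx(f.read()))
    else:
        packed = build_minimal_pe([b"UPX0", b"UPX1", b".rsrc"], trailer=UPX_MARKER)
        print(detect_upx(packed))
        print(detect_upx(build_minimal_pe([b".text", b".data"])))
```

Run it against a real file with `python upx_check.py sample.exe`. A negative result only means the stock traces are absent: a modified UPX build with renamed sections and a stripped marker still shows the usual packing symptoms (one high-entropy section, a near-empty import table, entry point outside the first section), which a fuller check would also score.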
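The "checks computer location settings" signature corresponds to registry reads of the locale and country keys. The block below is an added triage example, not part of the report, that runs that check over a Procmon-style CSV export; the log lines, the process name "d8829f71.exe" and the PIDs are constructed for the example and are not taken from the sandbox run.

```python
import csv
import io
import re

# Constructed Procmon-style CSV export (default column layout).  The process
# name "d8829f71.exe" and every row are made up for this example; nothing here
# comes from the report above.
SAMPLE_LOG = """\
Time of Day,Process Name,PID,Operation,Path,Result,Detail
10:01:02.1,explorer.exe,1234,RegQueryValue,HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\OneDrive,SUCCESS,Type: REG_SZ
10:01:03.5,d8829f71.exe,4242,RegOpenKey,HKCU\\Control Panel\\International,SUCCESS,Desired Access: Read
10:01:03.5,d8829f71.exe,4242,RegQueryValue,HKCU\\Control Panel\\International\\sCountry,SUCCESS,"Type: REG_SZ, Length: 28, Data: United States"
10:01:03.6,d8829f71.exe,4242,RegQueryValue,HKCU\\Control Panel\\International\\Geo\\Nation,SUCCESS,"Type: REG_SZ, Length: 8, Data: 244"
10:01:03.9,d8829f71.exe,4242,RegQueryValue,HKLM\\SYSTEM\\CurrentControlSet\\Control\\Nls\\Language\\Default,SUCCESS,"Type: REG_SZ, Length: 10, Data: 0409"
10:01:04.0,svchost.exe,800,RegQueryValue,HKLM\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters\\Domain,SUCCESS,Type: REG_SZ
"""

# Registry locations that reveal the configured country or language.
LOCALE_KEY_PATTERNS = [
    re.compile(r"\\Control Panel\\International(\\|$)", re.I),    # sCountry, iCountry, LocaleName, Geo\Nation
    re.compile(r"\\Control\\Nls\\(Language|Locale)(\\|$)", re.I),  # system default language / locale
]

# Processes whose locale reads are routine noise in most traces.
DEFAULT_IGNORE = frozenset({"explorer.exe", "svchost.exe", "dwm.exe"})


def parse_procmon_csv(text):
    """Parse a Procmon CSV export into a list of row dicts keyed by column name."""
    return list(csv.DictReader(io.StringIO(text)))


def is_locale_lookup(row):
    """True when the row is a registry open/query against a locale or country key."""
    op = row["Operation"]
    return op.startswith(("RegOpenKey", "RegQueryValue")) and any(
        p.search(row["Path"]) for p in LOCALE_KEY_PATTERNS)


def locale_lookups_by_process(rows, ignore=DEFAULT_IGNORE):
    """Group locale/country registry reads by (process name, pid), skipping
    processes on the ignore list.  Returns {(name, pid): [paths...]}."""
    hits = {}
    for row in rows:
        if row["Process Name"].lower() in ignore:
            continue
        if is_locale_lookup(row):
            hits.setdefault((row["Process Name"], row["PID"]), []).append(row["Path"])
    return hits


if __name__ == "__main__":
    for (name, pid), paths in locale_lookups_by_process(parse_procmon_csv(SAMPLE_LOG)).items():
        print(f"{name} (pid {pid}) read {len(paths)} locale/country value(s):")
        for path in paths:
            print("   ", path)
```

On a real trace this fires constantly for shell and system processes, which is why the ignore list exists; the signal worth keeping is an unknown binary reading the country code within its first seconds of life and before any network activity, which is the pattern a geofenced dropper shows.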
