ammyyadmin | 74656a65e96590a2734384bf89cb9ff677dcedff5f6e937d350b9f46ec52cd0a | Triage

Submit
Reports

Overview

overview

Static

static

Ammyy.exe

windows7-x64

Ammyy.exe

windows10-2004-x64

Sharing

General

Target

Ammyy.exe
Size

748KB
Sample

241031-tfy1da1crd
MD5

3b4ed97de29af222837095a7c411b8a1
SHA1

ea003f86db4cf74e4348e7e43e4732597e04db96
SHA256

74656a65e96590a2734384bf89cb9ff677dcedff5f6e937d350b9f46ec52cd0a
SHA512

2e1d1365163b08310e5112063be8ebd0ec1aa8c20a0872eef021978d6eb04a7b3d50af0a6472c246443585e665df2daa1e1a44a166780a8bf01de098a016e572
SSDEEP

12288:3VFUEuNmwvGrw9i0aTGRGicBckyyFRtWY1i3FTsvOVVUg0:XUEUUw9RaTNicBrPFRtJ1iVTsCZ0

Score

10^/10

ammyyadmin flawedammyy discovery trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

Ammyy.exe

Resource

win7-20240903-en

flawedammyy discovery trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

Ammyy.exe

Resource

win10v2004-20241007-en

flawedammyy discovery trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  Ammyy.exe
- Size
  
  748KB
- MD5
  
  3b4ed97de29af222837095a7c411b8a1
- SHA1
  
  ea003f86db4cf74e4348e7e43e4732597e04db96
- SHA256
  
  74656a65e96590a2734384bf89cb9ff677dcedff5f6e937d350b9f46ec52cd0a
- SHA512
  
  2e1d1365163b08310e5112063be8ebd0ec1aa8c20a0872eef021978d6eb04a7b3d50af0a6472c246443585e665df2daa1e1a44a166780a8bf01de098a016e572
- SSDEEP
  
  12288:3VFUEuNmwvGrw9i0aTGRGicBckyyFRtWY1i3FTsvOVVUg0:XUEUUw9RaTNicBrPFRtJ1iVTsCZ0
Score

10^/10

flawedammyy discovery trojan
- FlawedAmmyy RAT
  Remote-access trojan based on leaked code for the Ammyy remote admin software.
  trojan flawedammyy
- Flawedammyy family
  flawedammyy
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

flawedammyydiscoverytrojan

behavioral2

flawedammyydiscoverytrojan

© 2018-2024

Terms | Privacy