ammyyadmin | 47fc82320114cf2d2536acb931dc4dd8f83237b344b130780752c705af1a0e61 | Triage

Submit
Reports

Overview

overview

Static

static

b3cd481ab5...18.exe

windows7-x64

b3cd481ab5...18.exe

windows10-2004-x64

Sharing

General

Target

b3cd481ab5d2cba65b0318df5a6ed582_JaffaCakes118
Size

740KB
Sample

241129-2aba5ayrez
MD5

b3cd481ab5d2cba65b0318df5a6ed582
SHA1

2e04afbbf9e4cbaabd3fab2c6a35d8885229d74c
SHA256

47fc82320114cf2d2536acb931dc4dd8f83237b344b130780752c705af1a0e61
SHA512

45278999127ded36b05e0027a61036cf465233d918471694f570a61ae93367e1c7af3ca3f201c6bc9a958ee65fcacf83fd864e0f623f1fd4625d4ea8b3458bd3
SSDEEP

12288:1UYpJqMH2OwlaUPcWWw5XZV8f64RteVpN5ETMasTjsgvP34:tpJJWOwlaUPcWWwRZb4Rt+N5WMasHh4

Score

10^/10

ammyyadmin flawedammyy discovery trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

b3cd481ab5d2cba65b0318df5a6ed582_JaffaCakes118.exe

Resource

win7-20240903-en

flawedammyy discovery trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

b3cd481ab5d2cba65b0318df5a6ed582_JaffaCakes118.exe

Resource

win10v2004-20241007-en

flawedammyy discovery trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  b3cd481ab5d2cba65b0318df5a6ed582_JaffaCakes118
- Size
  
  740KB
- MD5
  
  b3cd481ab5d2cba65b0318df5a6ed582
- SHA1
  
  2e04afbbf9e4cbaabd3fab2c6a35d8885229d74c
- SHA256
  
  47fc82320114cf2d2536acb931dc4dd8f83237b344b130780752c705af1a0e61
- SHA512
  
  45278999127ded36b05e0027a61036cf465233d918471694f570a61ae93367e1c7af3ca3f201c6bc9a958ee65fcacf83fd864e0f623f1fd4625d4ea8b3458bd3
- SSDEEP
  
  12288:1UYpJqMH2OwlaUPcWWw5XZV8f64RteVpN5ETMasTjsgvP34:tpJJWOwlaUPcWWwRZb4Rt+N5WMasHh4
Score

10^/10

flawedammyy discovery trojan
- FlawedAmmyy RAT
  Remote-access trojan based on leaked code for the Ammyy remote admin software.
  trojan flawedammyy
- Flawedammyy family
  flawedammyy
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

flawedammyydiscoverytrojan

behavioral2

flawedammyydiscoverytrojan

© 2018-2025

Terms | Privacy