ammyyadmin | a6f814b525fbedec982f569c29d67cb11fb232ae5951eba4ecb6f62a2eeefb9c | Triage

Submit
Reports

Overview

overview

Static

static

JaffaCakes...d0.exe

windows7-x64

JaffaCakes...d0.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_6bc5c1e1e9b7647b14ee5ffd0f53abd0
Size

720KB
Sample

250103-ltl9qsxnhw
MD5

6bc5c1e1e9b7647b14ee5ffd0f53abd0
SHA1

3c9d020fab99d225a5b269901e226cb3d3c18bb8
SHA256

a6f814b525fbedec982f569c29d67cb11fb232ae5951eba4ecb6f62a2eeefb9c
SHA512

6cd0464098b45b6444985e9902070b7dfc3f4228a7d6445ac1e3a949f2b4fa3f9b8045a1d165309406605fec55eb93e248797ef9a076959defdad532626e97de
SSDEEP

12288:PYdNctvsfu2LVBfKf057C9lRt3i5olGJsxhzVEg4:wdNikfu2hBfK8ilRty5olGJsxd4

Score

10^/10

ammyyadmin flawedammyy discovery trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_6bc5c1e1e9b7647b14ee5ffd0f53abd0.exe

Resource

win7-20240903-en

flawedammyy discovery trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_6bc5c1e1e9b7647b14ee5ffd0f53abd0.exe

Resource

win10v2004-20241007-en

flawedammyy discovery trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_6bc5c1e1e9b7647b14ee5ffd0f53abd0
- Size
  
  720KB
- MD5
  
  6bc5c1e1e9b7647b14ee5ffd0f53abd0
- SHA1
  
  3c9d020fab99d225a5b269901e226cb3d3c18bb8
- SHA256
  
  a6f814b525fbedec982f569c29d67cb11fb232ae5951eba4ecb6f62a2eeefb9c
- SHA512
  
  6cd0464098b45b6444985e9902070b7dfc3f4228a7d6445ac1e3a949f2b4fa3f9b8045a1d165309406605fec55eb93e248797ef9a076959defdad532626e97de
- SSDEEP
  
  12288:PYdNctvsfu2LVBfKf057C9lRt3i5olGJsxhzVEg4:wdNikfu2hBfK8ilRty5olGJsxd4
Score

10^/10

flawedammyy discovery trojan
- FlawedAmmyy RAT
  Remote-access trojan based on leaked code for the Ammyy remote admin software.
  trojan flawedammyy
- Flawedammyy family
  flawedammyy
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

flawedammyydiscoverytrojan

behavioral2

flawedammyydiscoverytrojan

© 2018-2025

Terms | Privacy