General
-
Target
0ff043b64ff7becb675b108f6de4accaaff442ec8a4c5f02491f74a96e5a84ff.exe
-
Size
994KB
-
Sample
250108-azqcsswmbx
-
MD5
710a3728297c33caae605076a3182c46
-
SHA1
e44ca905bd42e355f93fbadbb2af01e046486a3a
-
SHA256
0ff043b64ff7becb675b108f6de4accaaff442ec8a4c5f02491f74a96e5a84ff
-
SHA512
539b846be965acdb67bc0bcfb882d7d5b77d79e2bd982cf09d8ed079505f7166222cc08b1a9d90042a54fd2e49cf2e1edf615c8933a6c78afa5af36a35ed5ad6
-
SSDEEP
24576:+MjPJ5g9KVGrdNikfu2hBfK8ilRty5olGJsxe:7J5gEKNikf3hBfUiWxe
Malware Config
Targets
-
-
Target
0ff043b64ff7becb675b108f6de4accaaff442ec8a4c5f02491f74a96e5a84ff.exe
-
Size
994KB
-
MD5
710a3728297c33caae605076a3182c46
-
SHA1
e44ca905bd42e355f93fbadbb2af01e046486a3a
-
SHA256
0ff043b64ff7becb675b108f6de4accaaff442ec8a4c5f02491f74a96e5a84ff
-
SHA512
539b846be965acdb67bc0bcfb882d7d5b77d79e2bd982cf09d8ed079505f7166222cc08b1a9d90042a54fd2e49cf2e1edf615c8933a6c78afa5af36a35ed5ad6
-
SSDEEP
24576:+MjPJ5g9KVGrdNikfu2hBfK8ilRty5olGJsxe:7J5gEKNikf3hBfUiWxe
Score10/10-
Ammyy Admin
Remote admin tool with various capabilities.
-
AmmyyAdmin payload
-
Ammyyadmin family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-