General

  • Target

    7769722d0139b95d05004028ecb7de6c5d2710332fd69dd0b99796d77b1dbc33.exe

  • Size

    720KB

  • Sample

    250108-sk1t4axjbn

  • MD5

    b524424eca8eb35d121f284a50bc2f76

  • SHA1

    e47097b7d1e1338785ab188dedbe40bec22254de

  • SHA256

    7769722d0139b95d05004028ecb7de6c5d2710332fd69dd0b99796d77b1dbc33

  • SHA512

    a70f9442df6b1645d1b81ad128dad3db114eadc7f58c2bb1198128a0b55078655b8c2cc71f61223aea37961b47342f3b3f3b3a8ceb48c4a67daf488df48dd6e8

  • SSDEEP

    12288:PYdNctvsfu2LVBfKf057C9lRt3i5olGJsxhzVEg4:wdNikfu2hBfK8ilRty5olGJsxd4

Targets

    • Target

      7769722d0139b95d05004028ecb7de6c5d2710332fd69dd0b99796d77b1dbc33.exe

    • FlawedAmmyy RAT

      Remote-access trojan based on leaked code for the Ammyy remote admin software.

    • Flawedammyy family

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory
