ammyyadmin | 7769722d0139b95d05004028ecb7de6c5d2710332fd69dd0b99796d77b1dbc33 | Triage

Submit
Reports

Overview

overview

Static

static

7769722d01...33.exe

windows7-x64

7769722d01...33.exe

windows10-2004-x64

Sharing

General

Target

7769722d0139b95d05004028ecb7de6c5d2710332fd69dd0b99796d77b1dbc33.exe
Size

720KB
Sample

250108-sk1t4axjbn
MD5

b524424eca8eb35d121f284a50bc2f76
SHA1

e47097b7d1e1338785ab188dedbe40bec22254de
SHA256

7769722d0139b95d05004028ecb7de6c5d2710332fd69dd0b99796d77b1dbc33
SHA512

a70f9442df6b1645d1b81ad128dad3db114eadc7f58c2bb1198128a0b55078655b8c2cc71f61223aea37961b47342f3b3f3b3a8ceb48c4a67daf488df48dd6e8
SSDEEP

12288:PYdNctvsfu2LVBfKf057C9lRt3i5olGJsxhzVEg4:wdNikfu2hBfK8ilRty5olGJsxd4

Score

10^/10

ammyyadmin flawedammyy discovery trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

7769722d0139b95d05004028ecb7de6c5d2710332fd69dd0b99796d77b1dbc33.exe

Resource

win7-20240903-en

flawedammyy discovery trojan

windows7-x64

8 signatures

120 seconds

Behavioral task

behavioral2

Sample

7769722d0139b95d05004028ecb7de6c5d2710332fd69dd0b99796d77b1dbc33.exe

Resource

win10v2004-20241007-en

flawedammyy discovery trojan

windows10-2004-x64

8 signatures

120 seconds

Malware Config

Targets

- Target
  
  7769722d0139b95d05004028ecb7de6c5d2710332fd69dd0b99796d77b1dbc33.exe
- Size
  
  720KB
- MD5
  
  b524424eca8eb35d121f284a50bc2f76
- SHA1
  
  e47097b7d1e1338785ab188dedbe40bec22254de
- SHA256
  
  7769722d0139b95d05004028ecb7de6c5d2710332fd69dd0b99796d77b1dbc33
- SHA512
  
  a70f9442df6b1645d1b81ad128dad3db114eadc7f58c2bb1198128a0b55078655b8c2cc71f61223aea37961b47342f3b3f3b3a8ceb48c4a67daf488df48dd6e8
- SSDEEP
  
  12288:PYdNctvsfu2LVBfKf057C9lRt3i5olGJsxhzVEg4:wdNikfu2hBfK8ilRty5olGJsxd4
Score

10^/10

flawedammyy discovery trojan
- FlawedAmmyy RAT
  Remote-access trojan based on leaked code for the Ammyy remote admin software.
  trojan flawedammyy
- Flawedammyy family
  flawedammyy
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

flawedammyydiscoverytrojan

behavioral2

flawedammyydiscoverytrojan

© 2018-2025

Terms | Privacy