Overview

overview

10

Static

static

10

7769722d01...33.exe

windows7-x64

10

7769722d01...33.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7769722d0139b95d05004028ecb7de6c5d2710332fd69dd0b99796d77b1dbc33.exe

  • Size

    720KB

  • Sample

    250108-snm3eatrhz

  • MD5

    b524424eca8eb35d121f284a50bc2f76

  • SHA1

    e47097b7d1e1338785ab188dedbe40bec22254de

  • SHA256

    7769722d0139b95d05004028ecb7de6c5d2710332fd69dd0b99796d77b1dbc33

  • SHA512

    a70f9442df6b1645d1b81ad128dad3db114eadc7f58c2bb1198128a0b55078655b8c2cc71f61223aea37961b47342f3b3f3b3a8ceb48c4a67daf488df48dd6e8

  • SSDEEP

    12288:PYdNctvsfu2LVBfKf057C9lRt3i5olGJsxhzVEg4:wdNikfu2hBfK8ilRty5olGJsxd4

Score
10/10
ammyyadminflawedammyydiscoverytrojan

Malware Config

Targets

    • Target

      7769722d0139b95d05004028ecb7de6c5d2710332fd69dd0b99796d77b1dbc33.exe

    • Size

      720KB

    • MD5

      b524424eca8eb35d121f284a50bc2f76

    • SHA1

      e47097b7d1e1338785ab188dedbe40bec22254de

    • SHA256

      7769722d0139b95d05004028ecb7de6c5d2710332fd69dd0b99796d77b1dbc33

    • SHA512

      a70f9442df6b1645d1b81ad128dad3db114eadc7f58c2bb1198128a0b55078655b8c2cc71f61223aea37961b47342f3b3f3b3a8ceb48c4a67daf488df48dd6e8

    • SSDEEP

      12288:PYdNctvsfu2LVBfKf057C9lRt3i5olGJsxhzVEg4:wdNikfu2hBfK8ilRty5olGJsxd4

    Score
    10/10
    flawedammyydiscoverytrojan

    • FlawedAmmyy RAT

      Remote-access trojan based on leaked code for the Ammyy remote admin software.

      trojanflawedammyy

    • Flawedammyy family

      flawedammyy

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks