Overview

overview

10

Static

static

10

9c384fc606...07.exe

windows7-x64

10

9c384fc606...07.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9c384fc60691037e8b54e626ff18fc892e7e3c0136ab9e878eacbeff2856fe07

  • Size

    980KB

  • Sample

    250110-fvaz7stje1

  • MD5

    bfe0f2c35d500d36d78c6ac25f54b357

  • SHA1

    78a918a1c92bc6abeed445c9fd54d40bc15cc78b

  • SHA256

    9c384fc60691037e8b54e626ff18fc892e7e3c0136ab9e878eacbeff2856fe07

  • SHA512

    fe9b047d466e052a8817d0a432601d8f86630158425f661db4840b439128c55a4477a8231432f2cf3129fe3a15a30ec598907838d6d5b301c54a29ad46433349

  • SSDEEP

    24576:eMjPJ5g9KVGrdNikfu2hBfK8ilRty5olGJsxC:bJ5gEKNikf3hBfUiWxC

Score
10/10
ammyyadmindiscoveryrat

Malware Config

Targets

    • Target

      9c384fc60691037e8b54e626ff18fc892e7e3c0136ab9e878eacbeff2856fe07

    • Size

      980KB

    • MD5

      bfe0f2c35d500d36d78c6ac25f54b357

    • SHA1

      78a918a1c92bc6abeed445c9fd54d40bc15cc78b

    • SHA256

      9c384fc60691037e8b54e626ff18fc892e7e3c0136ab9e878eacbeff2856fe07

    • SHA512

      fe9b047d466e052a8817d0a432601d8f86630158425f661db4840b439128c55a4477a8231432f2cf3129fe3a15a30ec598907838d6d5b301c54a29ad46433349

    • SSDEEP

      24576:eMjPJ5g9KVGrdNikfu2hBfK8ilRty5olGJsxC:bJ5gEKNikf3hBfUiWxC

    Score
    10/10
    ammyyadmindiscoveryrat

    • Ammyy Admin

      Remote admin tool with various capabilities.

      ratammyyadmin

    • AmmyyAdmin payload

    • Ammyyadmin family

      ammyyadmin

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks