Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

172ccd7a05...6N.exe

windows7-x64

10

172ccd7a05...6N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    172ccd7a05670e06f4dfe6573418b4e1377cf3a7cd1e02a6f69030c9e37f17a6N.exe

  • Size

    720KB

  • Sample

    250120-jec2eaylew

  • MD5

    0b2f70657111edc438cedbf6f329b750

  • SHA1

    5b003bc40778186bbe298ddc51fe39648ec27068

  • SHA256

    172ccd7a05670e06f4dfe6573418b4e1377cf3a7cd1e02a6f69030c9e37f17a6

  • SHA512

    03dc71e0811c0cafb07be20382e0f5f2fefa145ce8a426bda5f2fc76b6097605cd03ba1ef4aba4a43dddeb2b04fafc4f69b38f38b71f8876748a2f876901c5c6

  • SSDEEP

    12288:tYdNctvsfu2LVBfKf057C9lRt3i5olGJsxhzag:edNikfu2hBfK8ilRty5olGJsxN

Score
10/10
ammyyadminflawedammyydiscoveryrattrojan

Malware Config

Targets

    • Target

      172ccd7a05670e06f4dfe6573418b4e1377cf3a7cd1e02a6f69030c9e37f17a6N.exe

    • Size

      720KB

    • MD5

      0b2f70657111edc438cedbf6f329b750

    • SHA1

      5b003bc40778186bbe298ddc51fe39648ec27068

    • SHA256

      172ccd7a05670e06f4dfe6573418b4e1377cf3a7cd1e02a6f69030c9e37f17a6

    • SHA512

      03dc71e0811c0cafb07be20382e0f5f2fefa145ce8a426bda5f2fc76b6097605cd03ba1ef4aba4a43dddeb2b04fafc4f69b38f38b71f8876748a2f876901c5c6

    • SSDEEP

      12288:tYdNctvsfu2LVBfKf057C9lRt3i5olGJsxhzag:edNikfu2hBfK8ilRty5olGJsxN

    Score
    10/10
    ammyyadminflawedammyydiscoveryrattrojan

    • Ammyy Admin

      Remote admin tool with various capabilities.

      ratammyyadmin

    • AmmyyAdmin payload

    • Ammyyadmin family

      ammyyadmin

    • FlawedAmmyy RAT

      Remote-access trojan based on leaked code for the Ammyy remote admin software.

      trojanflawedammyy

    • Flawedammyy family

      flawedammyy

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.