General
Target: JaffaCakes118_8bc6564e0b71b72620a05107bd944932
Size: 322KB
Sample: 250329-vl5wjsyzhw
MD5: 8bc6564e0b71b72620a05107bd944932
SHA1: 822d1dd4ff04afc8fd08081ac3f837bed3b51405
SHA256: 23aed4c0d4a9fbe7a448bd67cb0bf2b00fd8e7a6d07065d122d210ddb9a59579
SHA512: 3a3b1dc823464dfd7ea75fcf338af78d1754214ce069f5ab9ab0e38a55655d55405d287a0880ed61809896f963b1687c227c3e149b1f97d8e4adfe515a39267a
SSDEEP: 6144:lstGihDu2vLdLuzYk7D0EJJd6VjxIa65yPR4FV6ljQYxYLhBQTpNOas8w8plH:lsMihDu2vGj7eIa6GQ8GYxY1BXaPr/
Behavioral task: behavioral1
Sample: JaffaCakes118_8bc6564e0b71b72620a05107bd944932.exe
Resource: win7-20250207-en
Behavioral task: behavioral2
Sample: JaffaCakes118_8bc6564e0b71b72620a05107bd944932.exe
Resource: win10v2004-20250313-en
Malware Config
Targets
Target: JaffaCakes118_8bc6564e0b71b72620a05107bd944932
Score: 10/10
AmmyyAdmin payload
Ammyyadmin family
FlawedAmmyy RAT: Remote-access trojan based on leaked code for the Ammyy remote admin software.
Flawedammyy family
Checks computer location settings: Looks up country code configured in the registry, likely geofence.