FlawedAmmyy (3c1003a2-8364-467a-b9b8-fcc19724a9b5)
FlawedAmmyy, has been used since the beginning of 2016 in both highly targeted email attacks as well as massive, multi-million message campaigns. The RAT is based on leaked source code for Version 3 of the Ammyy Admin remote desktop software. As such FlawedAmmyy contains the functionality of the leaked version, including: Remote Desktop control, File system manager, Proxy support, Audio Chat.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| FlawedAmmyy (18419355-fd28-41a6-bffe-2df68a7166c4) | Malpedia | FlawedAmmyy (3c1003a2-8364-467a-b9b8-fcc19724a9b5) | RAT | 1 |
| FlawedAmmyy (3c1003a2-8364-467a-b9b8-fcc19724a9b5) | RAT | Truebot (ad6d0074-476e-4c05-b0d9-79404f71bbba) | Tool | 1 |