Overview

overview

10

Static

static

Adj_Proces...35.exe

windows7_x64

10

Adj_Proces...35.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Adj_Proceso77727212556164025699106096354430573416984700123904824645273838987440239601743035.exe

  • Size

    325KB

  • Sample

    210224-fnch3qpstx

  • MD5

    f8bdaa4de9861b0d490490deaa372625

  • SHA1

    f72e8b2d815af12760656339adb7f9ca6f633e2a

  • SHA256

    2f1103e99fb464143a58c654763fe9c8ea25dfa84d04cfa9a1557fcb891330f5

  • SHA512

    e5c61deed4df89f3fcfa3671ba3ddaa9fe8ef8f32815160e51f233dd400dbc8fd19716f4e04edd482ffe0a47577bb6b627464d7c1d8156547d988b07e4013875

Score
10/10
amadeytrojan

Malware Config

Extracted

Family

amadey

Version

2.07

C2

91.241.19.159/m7vvsw2dsQ/index.php

Targets

    • Target

      Adj_Proceso77727212556164025699106096354430573416984700123904824645273838987440239601743035.exe

    • Size

      325KB

    • MD5

      f8bdaa4de9861b0d490490deaa372625

    • SHA1

      f72e8b2d815af12760656339adb7f9ca6f633e2a

    • SHA256

      2f1103e99fb464143a58c654763fe9c8ea25dfa84d04cfa9a1557fcb891330f5

    • SHA512

      e5c61deed4df89f3fcfa3671ba3ddaa9fe8ef8f32815160e51f233dd400dbc8fd19716f4e04edd482ffe0a47577bb6b627464d7c1d8156547d988b07e4013875

    Score
    10/10
    amadeytrojan

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

      trojanamadey

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks