Overview

overview

10

Static

static

98d1aae2b7...3b.exe

windows7_x64

10

98d1aae2b7...3b.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    98d1aae2b75e1bc8086558b25489e6a808ecb1cbd361b2ddd9cc8c8ac6d7f03b.exe

  • Size

    292KB

  • Sample

    210413-88g23r7fqe

  • MD5

    4eb21d088f620a9f5c312849430476f6

  • SHA1

    3b882b42b65067530fc51f490dd06b4ce2966acd

  • SHA256

    98d1aae2b75e1bc8086558b25489e6a808ecb1cbd361b2ddd9cc8c8ac6d7f03b

  • SHA512

    163e02345376d5730cb7b11b1514a4edeee776ff4d8756cb56fe152844297e26cbe1c4d71f17c6e1a790ddbcc83ad5636e1260b45212a75870742b46171954c3

Score
10/10
amadeytrojan

Malware Config

Extracted

Family

amadey

Version

2.15

C2

umbrelladownload.uno/gp6GbqVce/index.php

umbrelladownload.fun/gp6GbqVce/index.php

umbrelladownload.host/gp6GbqVce/index.php

Targets

    • Target

      98d1aae2b75e1bc8086558b25489e6a808ecb1cbd361b2ddd9cc8c8ac6d7f03b.exe

    • Size

      292KB

    • MD5

      4eb21d088f620a9f5c312849430476f6

    • SHA1

      3b882b42b65067530fc51f490dd06b4ce2966acd

    • SHA256

      98d1aae2b75e1bc8086558b25489e6a808ecb1cbd361b2ddd9cc8c8ac6d7f03b

    • SHA512

      163e02345376d5730cb7b11b1514a4edeee776ff4d8756cb56fe152844297e26cbe1c4d71f17c6e1a790ddbcc83ad5636e1260b45212a75870742b46171954c3

    Score
    10/10
    amadeytrojan

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

      trojanamadey

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks