Overview

overview

10

Static

static

CONTRASEÑ...45.exe

windows7_x64

10

CONTRASEÑ...45.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    CONTRASEÑA544473415875315595728114914651743403766443087756259262775331427969255920220117852978145.exe

  • Size

    174KB

  • Sample

    210422-tvjmh4s9ce

  • MD5

    72060693e5ebcbab80d41cf905ba4025

  • SHA1

    84e128e1af6b133a8ba837f65cf4682ee4ca6066

  • SHA256

    abd47e708b483c496d4485e6b05d542932d01953b8d0177712c33fb9f8d20bd2

  • SHA512

    fda3208ff67f66b0495faa3054addcc10e5398fa75670171ffacae86797a4463e4b0aef05990578798c63fca97c9545f1225d854ace96606838a28ebbd424741

Score
10/10
amadeytrojan

Malware Config

Extracted

Family

amadey

Version

2.11

C2

176.111.174.67/7Ndd3SnW/index.php

Targets

    • Target

      CONTRASEÑA544473415875315595728114914651743403766443087756259262775331427969255920220117852978145.exe

    • Size

      174KB

    • MD5

      72060693e5ebcbab80d41cf905ba4025

    • SHA1

      84e128e1af6b133a8ba837f65cf4682ee4ca6066

    • SHA256

      abd47e708b483c496d4485e6b05d542932d01953b8d0177712c33fb9f8d20bd2

    • SHA512

      fda3208ff67f66b0495faa3054addcc10e5398fa75670171ffacae86797a4463e4b0aef05990578798c63fca97c9545f1225d854ace96606838a28ebbd424741

    Score
    10/10
    amadeytrojan

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

      trojanamadey

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks