Description
Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
db31806cc7eacb4af123f8830cd1cb931c637250a1f393f4b1df6a407daa7cf0
291KB
211224-p623haebe5
55a10b4224a945cf4b7124e0b5c8c1e2
dc3ee2bb2b5d4d5ed52721827b4f3fdc71058464
db31806cc7eacb4af123f8830cd1cb931c637250a1f393f4b1df6a407daa7cf0
5a58493d837fbdf56d9adb2f5422287f3fa1a816148caabee1e5b730c6d8af748d5ee46e495a2adcbe1d33b1740ea30fc734d28009ca007ffa2a984479c21631
Family | smokeloader |
Version | 2020 |
C2 | http://host-data-coin-11.com/ http://file-coin-host-12.com/ |
rc4.i32 | |
rc4.i32 | |

Family | tofsee |
C2 | mubrikych.top oxxyfix.xyz |

Family | redline |
Botnet | 1 |
C2 | 86.107.197.138:38133 |

Family | amadey |
Version | 3.01 |
C2 | 185.215.113.35/d2VxjasuwS/index.php |

Family | raccoon |
Botnet | 10da56e7e71e97bdc1f36eb76813bbc3231de7e4 |
Attributes | url4cnc http://194.180.174.53/capibar http://91.219.236.18/capibar http://194.180.174.41/capibar http://91.219.236.148/capibar https://t.me/capibar |
rc4.plain | |
rc4.plain | |

Family | amadey |
Version | 2.86 |
C2 | 2.56.56.210/notAnoob/index.php |
Arkei is an infostealer written in C++.
Malware from the neshta family infects other files to spread itself and cause damage.
Simple but powerful infostealer which was very active in 2019.
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Modular backdoor trojan in use since 2014.
Backdoor/botnet which carries out malicious activities based on commands from a C2 server.
Infostealers often target stored browser data, which can include saved credentials etc.
Looks up Uninstall key entries in the registry to enumerate software on the system.
Attempts to read the root path of hard drives other than the default C: drive.