Description
Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
| Field | Value |
| --- | --- |
| SHA256 | f10b596f9377fc3cbf471a92fad324045f59f4ccb97d67ec08f40e02885a2327 |
| Size | 291KB |
| ID | 211224-rehwnaech7 |
| MD5 | 90e65599ae80c6bed076f9b966d3952e |
| SHA1 | da6a8f731ce4d8e3e45f434576c30b42a3c820ea |
| SHA256 | f10b596f9377fc3cbf471a92fad324045f59f4ccb97d67ec08f40e02885a2327 |
| SHA512 | 80c14c0572f16a8c791b3c5121b28dbd0c5b2c5fa4649fc907b1255e078bd789fbee9db877361f9575f3bb0d09fa38d39f4567c70f42c613f2a639f4dc1dd6b5 |
| Field | Value |
| --- | --- |
| Family | smokeloader |
| Version | 2020 |
| C2 | http://host-data-coin-11.com/ http://file-coin-host-12.com/ |
| rc4.i32 | |
| rc4.i32 | |

| Field | Value |
| --- | --- |
| Family | tofsee |
| C2 | mubrikych.top oxxyfix.xyz |

| Field | Value |
| --- | --- |
| Family | redline |
| Botnet | 1 |
| C2 | 86.107.197.138:38133 |

| Field | Value |
| --- | --- |
| Family | amadey |
| Version | 3.01 |
| C2 | 185.215.113.35/d2VxjasuwS/index.php |

| Field | Value |
| --- | --- |
| Family | raccoon |
| Botnet | 10da56e7e71e97bdc1f36eb76813bbc3231de7e4 |
| Attributes | url4cnc http://194.180.174.53/capibar http://91.219.236.18/capibar http://194.180.174.41/capibar http://91.219.236.148/capibar https://t.me/capibar |
| rc4.plain | |
| rc4.plain | |

| Field | Value |
| --- | --- |
| Family | amadey |
| Version | 2.86 |
| C2 | 2.56.56.210/notAnoob/index.php |
Arkei is an infostealer written in C++.
Malware from the neshta family infects other files in order to spread itself and cause damage.
Simple but powerful infostealer which was very active in 2019.
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Modular backdoor trojan in use since 2014.
Backdoor/botnet which carries out malicious activities based on commands from a C2 server.
Infostealers often target stored browser data, which can include saved credentials etc.
Looks up Uninstall key entries in the registry to enumerate software on the system.
Attempts to read the root path of hard drives other than the default C: drive.