Description
Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
| Family | smokeloader |
|---|---|
| Version | 2020 |
| C2 | http://host-data-coin-11.com/ http://file-coin-host-12.com/ |
| rc4.i32 | |
| rc4.i32 | |

| Family | tofsee |
|---|---|
| C2 | mubrikych.top oxxyfix.xyz |

| Family | redline |
|---|---|
| Botnet | 1 |
| C2 | 86.107.197.138:38133 |

| Family | amadey |
|---|---|
| Version | 3.01 |
| C2 | 185.215.113.35/d2VxjasuwS/index.php |

| Family | raccoon |
|---|---|
| Botnet | 10da56e7e71e97bdc1f36eb76813bbc3231de7e4 |
| Attributes | url4cnc http://194.180.174.53/capibar http://91.219.236.18/capibar http://194.180.174.41/capibar http://91.219.236.148/capibar https://t.me/capibar |
| rc4.plain | |
| rc4.plain | |

| Family | amadey |
|---|---|
| Version | 2.86 |
| C2 | 2.56.56.210/notAnoob/index.php |
Arkei is an infostealer written in C++.
Malware from the neshta family infects other files on the system in order to spread itself and cause damage.
Simple but powerful infostealer which was very active in 2019.
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Modular backdoor trojan in use since 2014.
Backdoor/botnet which carries out malicious activities based on commands from a C2 server.
Vidar is an infostealer based on Arkei stealer.
Infostealers often target stored browser data, which can include saved credentials and similar sensitive items.
Looks up Uninstall key entries in the registry to enumerate software on the system.
Attempts to read the root path of hard drives other than the default C: drive.