Description
Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
SHA256 | 9f9aa45ca67f42daad24374f9543e88bcbe3010236890ae608a5bf409ff91bcb |
Size | 292KB |
211224-t51khaefg4
MD5 | 1455074a86fc7f450c32cd28202e77d4 |
SHA1 | 5134057b1b5083000477acef28a8a34e2d50e1c2 |
SHA512 | 044c86cf4f5dd483aa5d45414153c08664c2c5cd48318afa0760f186e459c3de39549e26afcc546d432938422e6ca4cc9380bed473783c4e05ad93b18cd602b6 |
Family | smokeloader |
Version | 2020 |
C2 | http://host-data-coin-11.com/ http://file-coin-host-12.com/ |
rc4.i32 | |
rc4.i32 | |

Family | tofsee |
C2 | mubrikych.top oxxyfix.xyz |

Family | redline |
Botnet | 1 |
C2 | 86.107.197.138:38133 |

Family | amadey |
Version | 3.01 |
C2 | 185.215.113.35/d2VxjasuwS/index.php |

Family | raccoon |
Botnet | 10da56e7e71e97bdc1f36eb76813bbc3231de7e4 |
Attributes | url4cnc http://194.180.174.53/capibar http://91.219.236.18/capibar http://194.180.174.41/capibar http://91.219.236.148/capibar https://t.me/capibar |
rc4.plain | |
rc4.plain | |

Family | amadey |
Version | 2.86 |
C2 | 2.56.56.210/notAnoob/index.php |
Arkei is an infostealer written in C++.
Malware from the neshta family is designed to infect other files in order to spread itself and cause damage.
Simple but powerful infostealer which was very active in 2019.
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Modular backdoor trojan in use since 2014.
Backdoor/botnet which carries out malicious activities based on commands from a C2 server.
Vidar is an infostealer based on Arkei stealer.
Infostealers often target stored browser data, which can include saved credentials etc.
Looks up Uninstall key entries in the registry to enumerate software on the system.
Attempts to read the root path of hard drives other than the default C: drive.