Description
Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
9e42b27f76923c2a6ddebd05933e1d88e1037c4c8e1a3ba062da412a156d05e5
292KB
211224-tmhxqsefc4
18d2cbf685246208a2ac7a90c10210de
9b0cd6e142a530459960985273a1fdcfa0ece53e
9e42b27f76923c2a6ddebd05933e1d88e1037c4c8e1a3ba062da412a156d05e5
a142883bdca36918f4352ce51bd8f6bf2ebd525f0b07bf816b141f295bc8cf480e23d4b813b204b9bf8d08c0547acea8bc3747d52c66cd0120adeacc3d3aca67
Family | smokeloader |
Version | 2020 |
C2 |
http://host-data-coin-11.com/ http://file-coin-host-12.com/ http://srtuiyhuali.at/ http://fufuiloirtu.com/ http://amogohuigotuli.at/ http://novohudosovu.com/ http://brutuilionust.com/ http://bubushkalioua.com/ http://dumuilistrati.at/ http://verboliatsiaeeees.com/ |
rc4.i32 |
|
Family | tofsee |
C2 |
mubrikych.top oxxyfix.xyz |
Family | redline |
Botnet | 1 |
C2 |
86.107.197.138:38133 |
Family | amadey |
Version | 3.01 |
C2 |
185.215.113.35/d2VxjasuwS/index.php |
Family | amadey |
Version | 2.86 |
C2 |
2.56.56.210/notAnoob/index.php |
Arkei is an infostealer written in C++.
Malware from the Neshta family is designed to infect other files in order to spread and cause damage.
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Modular backdoor trojan in use since 2014.
Backdoor/botnet which carries out malicious activities based on commands from a C2 server.
Vidar is an infostealer based on Arkei stealer.
Infostealers often target stored browser data, which can include saved credentials, etc.
Looks up Uninstall key entries in the registry to enumerate software on the system.
Attempts to read the root path of hard drives other than the default C: drive.