Description
Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
6db982b8a2d769b2201509ad005da2317d1693390d1703fb18229c5149ffa5ec
292KB
211224-vgdaqsegb4
67ecf28499705bb95919fc3b8e33884e
d20724e856cf8114a2f3561b8cf4ad8109b2d2aa
6db982b8a2d769b2201509ad005da2317d1693390d1703fb18229c5149ffa5ec
4629f0eea1b86b82ba425e379cacffb7ef360b841f06edc5174dbeb8afb7398fb34a11099ecace911c4dd139685cc966d4d646281d0399a4d1296cc0503953af
Family | smokeloader |
Version | 2020 |
C2 | http://host-data-coin-11.com/ http://file-coin-host-12.com/ http://srtuiyhuali.at/ http://fufuiloirtu.com/ http://amogohuigotuli.at/ http://novohudosovu.com/ http://brutuilionust.com/ http://bubushkalioua.com/ http://dumuilistrati.at/ http://verboliatsiaeeees.com/ |
Family | redline |
Botnet | 1 |
C2 | 86.107.197.138:38133 |
Family | tofsee |
C2 | mubrikych.top oxxyfix.xyz |
Family | amadey |
Version | 3.01 |
C2 | 185.215.113.35/d2VxjasuwS/index.php |
Family | amadey |
Version | 2.86 |
C2 | 2.56.56.210/notAnoob/index.php |
Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
Arkei is an infostealer written in C++.
Malware from the neshta family is designed to infect other files in order to spread itself and cause damage.
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Modular backdoor trojan in use since 2014.
Backdoor/botnet which carries out malicious activities based on commands from a C2 server.
Vidar is an infostealer based on Arkei stealer.
Infostealers often target stored browser data, which can include saved credentials etc.
Looks up Uninstall key entries in the registry to enumerate software on the system.
Attempts to read the root path of hard drives other than the default C: drive.