Description
Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
Analysis ID | 211224-w19nqaehh4 |
Size | 298KB |
MD5 | 728d1476225e713d80d24428149ecc5e |
SHA1 | 04f6aacdc9861aae2f67ad2cbe06c65c32bbc091 |
SHA256 | b7573458498a18eb51b1195903a93f04e8f1e82bebf51fe92e3d42d291ba038b |
SHA512 | 4fc7602a918bfc3872c20514c4cc44f65b539de2691eede1392fe330e4cbbab3a6b65ad473ca2f079ee29f5d527e4124fd447dfd5bc540f1fcbedf8a7df494cd |
Family | smokeloader |
Version | 2020 |
C2 | http://host-data-coin-11.com/ http://file-coin-host-12.com/ http://srtuiyhuali.at/ http://fufuiloirtu.com/ http://amogohuigotuli.at/ http://novohudosovu.com/ http://brutuilionust.com/ http://bubushkalioua.com/ http://dumuilistrati.at/ http://verboliatsiaeeees.com/ |
rc4.i32 | |
rc4.i32 | |
rc4.i32 | |
rc4.i32 | |

Family | tofsee |
C2 | mubrikych.top oxxyfix.xyz |

Family | redline |
Botnet | 1 |
C2 | 86.107.197.138:38133 |

Family | amadey |
Version | 3.01 |
C2 | 185.215.113.35/d2VxjasuwS/index.php |

Family | amadey |
Version | 2.86 |
C2 | 2.56.56.210/notAnoob/index.php |

Family | redline |
Botnet | @cas |
C2 | 87.249.53.87:63820 |

Family | raccoon |
rc4.plain | |

Family | raccoon |
Botnet | e9f10fade0328e7cef5c9f5bf00076086ba5a8a1 |
Attributes | url4cnc http://91.219.236.18/baldandbankrupt1 http://194.180.174.41/baldandbankrupt1 http://91.219.236.148/baldandbankrupt1 https://t.me/baldandbankrupt1 |
rc4.plain | |
rc4.plain | |
Arkei is an infostealer written in C++.
Malware from the neshta family infects other files in order to spread itself and cause damage.
A simple but powerful infostealer that was very active in 2019.
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Modular backdoor trojan in use since 2014.
Backdoor/botnet which carries out malicious activities based on commands from a C2 server.
Infostealers often target stored browser data, which can include saved credentials etc.
Looks up Uninstall key entries in the registry to enumerate software on the system.