Extracted

• • Target

    ac696ff26dae3d008a7f1a8a33a6c067.exe

  • Size

    633KB

  • MD5

    ac696ff26dae3d008a7f1a8a33a6c067

  • SHA1

    0e450582db291be053ac6a4ccf722dc4441b1f2e

  • SHA256

    44e08debeddf1bf932fd76e0fd0088eb196c036c92d662601ac8b55fe10528b9

  • SHA512

    1e049cc4cdd0e6dc4f38771f271a8021ad5c771024ed9cc3aea787d184a976f84778fc127ff2ab67cb79e0621ddc60b4b872393f4fabb0dfceb977409f66c0c6

  Score

  10^/10

  amadeyneshtapersistencespywarestealertrojan

  • Amadey

    Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

    trojanamadey

  • Detect Neshta Payload

  • Modifies system executable filetype association

    persistence

  • Neshta

    Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

    persistencespywareneshta

  • Downloads MZ/PE file

  • Executes dropped EXE

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  behavioral1behavioral2