Overview

overview

10

Static

static

406fa59154...a6.exe

windows7_x64

10

406fa59154...a6.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    406fa59154f8af1434e169c1f405cbc56188fe29205b061e700a73dd71a691a6

  • Size

    712KB

  • Sample

    220515-1hnezsgce8

  • MD5

    8bd83195e75ba243f08062da72de34e6

  • SHA1

    34cc6a11549b96f97577cf7a518a59b5c5a5f642

  • SHA256

    406fa59154f8af1434e169c1f405cbc56188fe29205b061e700a73dd71a691a6

  • SHA512

    985cea4fc42a7cb7709f19f70ec34ba1d7bf64d4caeb68e9d9e2a7c0249d87f6c87f8676b9ea8c27f341eb8f7888aefa8b488291b9dd98043fe3ef1992c1c5f8

Score
10/10
amadeytrojan

Malware Config

Extracted

Family

amadey

Version

1.99

C2

217.8.117.41/nbDcw2d/index.php

Extracted

Family

amadey

Version

o

C2

i/

c/o

s/t

i/t

u/i

s/c

Targets

    • Target

      406fa59154f8af1434e169c1f405cbc56188fe29205b061e700a73dd71a691a6

    • Size

      712KB

    • MD5

      8bd83195e75ba243f08062da72de34e6

    • SHA1

      34cc6a11549b96f97577cf7a518a59b5c5a5f642

    • SHA256

      406fa59154f8af1434e169c1f405cbc56188fe29205b061e700a73dd71a691a6

    • SHA512

      985cea4fc42a7cb7709f19f70ec34ba1d7bf64d4caeb68e9d9e2a7c0249d87f6c87f8676b9ea8c27f341eb8f7888aefa8b488291b9dd98043fe3ef1992c1c5f8

    Score
    10/10
    amadeytrojan

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

      trojanamadey

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks