General

  • Target

    9083ea498dae79a1c3124d7eb231c415.dll

  • Size

    126KB

  • Sample

    220516-nnbl6ahgc7

  • MD5

    9083ea498dae79a1c3124d7eb231c415

  • SHA1

    416506992b86749bebdc03e76faf65a82d20c6ff

  • SHA256

    5342a90e6dd43fb471d9674de99d8cdc048381efff246af9de32f9257cacdcc3

  • SHA512

    8e3846ac667c85ce138bb5898e8a5b046f2cfb7d2d946e697e806e9ec6ab27559723e8f6b8fa97f221476814e2921e4b165f777554e512732f4801863715378a

Malware Config

Targets

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

    • Detect Amadey credential stealer module

    • Reads local data of messenger clients

      Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Matrix (ATT&CK v6)

Credential Access

  • Credentials in Files (T1081): 1

Collection

  • Data from Local System (T1005): 1

  • Email Collection (T1114): 1

Tasks