amadey | 7ff0ff6e51a58398ad73da3cc8e7e6233a23e49d93aaa4b190672e4f9f08b9bb | Triage

Sharing

General

Target

b413ff6e943c415afc26640ff535c724
Size

2.4MB
Sample

220529-v39wtscgdp
MD5

b413ff6e943c415afc26640ff535c724
SHA1

fcc13d52bf28416f3b8a594d58113fd8828a4093
SHA256

7ff0ff6e51a58398ad73da3cc8e7e6233a23e49d93aaa4b190672e4f9f08b9bb
SHA512

ca5ac0fc7aa0ed1a615ccd628b8b97b3d83b31e0da58b9d9e23e4e9f97bfa598920119e8afbbdac6e97c994e8739651083fd1afe69384d25a1fd6bc4702ce815

Score

10^/10

amadey trojan

Malware Config

Extracted

Family

amadey

Version

3.20

C2

happyday9risce.com/gg4mn3s/index.php

xksldjf9sksdjfks.com/gg4mn3s/index.php

dhisa8f9ah02hopasiaf.com/gg4mn3s/index.php

Targets

- Target
  
  b413ff6e943c415afc26640ff535c724
- Size
  
  2.4MB
- MD5
  
  b413ff6e943c415afc26640ff535c724
- SHA1
  
  fcc13d52bf28416f3b8a594d58113fd8828a4093
- SHA256
  
  7ff0ff6e51a58398ad73da3cc8e7e6233a23e49d93aaa4b190672e4f9f08b9bb
- SHA512
  
  ca5ac0fc7aa0ed1a615ccd628b8b97b3d83b31e0da58b9d9e23e4e9f97bfa598920119e8afbbdac6e97c994e8739651083fd1afe69384d25a1fd6bc4702ce815
Score

10^/10

amadey trojan
- Amadey
  Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
  trojan amadey
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2