General
Target: 88d5553b125ae81467bcd13d259968b71fcbb8d4fcec17189135f333be65696d
Size: 382KB
Sample: 220623-swgklagea7
MD5: 941468d241d661ab702d712ae689f18e
SHA1: 931bc80f7e6d857739c387f1dac816e768fb20e1
SHA256: 88d5553b125ae81467bcd13d259968b71fcbb8d4fcec17189135f333be65696d
SHA512: a1bc33638ab12e5384829f8bc27824a91fbef1058e53e87569b7d34549af80b81cebeb86841289e0c81f7e05b1d8a4ba31657fa56e4f7fad27465e75a055f3f5
Static task
static1
Malware Config
Extracted
amadey
3.21
185.215.113.15/Lkb2dxj3/index.php
Targets
- Detect Amadey credential stealer module
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Accesses Microsoft Outlook profiles