amadey | a7a3bb32ffb7868bc22b84c47004a8b4390a328440807fa26cfb680e2f232301 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

Copy URL Twitter E-mail

General

Target

a7a3bb32ffb7868bc22b84c47004a8b4390a328440807fa26cfb680e2f232301
Size

292KB
Sample

221028-sdj8rsgdak
MD5

6fb7f918e4ebac678797e8109aa62ef8
SHA1

6bc7d0895694783833430fa37ef8e2ea0d522235
SHA256

a7a3bb32ffb7868bc22b84c47004a8b4390a328440807fa26cfb680e2f232301
SHA512

c147dadd402c3dfff273bafb0eef25d3c6c0adbb83cc1f47a27dd71e82dd417075a64c5792e28bec5bf33bff52f6b8906363461f522b8b5266564bd2793cad54
SSDEEP

3072:0XOTHcILlcAnRoUGjmj5MHJeO0ZhQ00MetEsNdq5hk43vkwg6pzJC3rEyb2R6o3q:wUHJLlbo/jVHr0ZVazUfU3wV6C3a

Score

10^/10

amadey collection spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

a7a3bb32ffb7868bc22b84c47004a8b4390a328440807fa26cfb680e2f232301.exe

Resource

win10-20220812-en

amadey collection spyware stealer trojan

windows10-1703-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  a7a3bb32ffb7868bc22b84c47004a8b4390a328440807fa26cfb680e2f232301
- Size
  
  292KB
- MD5
  
  6fb7f918e4ebac678797e8109aa62ef8
- SHA1
  
  6bc7d0895694783833430fa37ef8e2ea0d522235
- SHA256
  
  a7a3bb32ffb7868bc22b84c47004a8b4390a328440807fa26cfb680e2f232301
- SHA512
  
  c147dadd402c3dfff273bafb0eef25d3c6c0adbb83cc1f47a27dd71e82dd417075a64c5792e28bec5bf33bff52f6b8906363461f522b8b5266564bd2793cad54
- SSDEEP
  
  3072:0XOTHcILlcAnRoUGjmj5MHJeO0ZhQ00MetEsNdq5hk43vkwg6pzJC3rEyb2R6o3q:wUHJLlbo/jVHr0ZVazUfU3wV6C3a
Score

10^/10

amadey collection spyware stealer trojan
- Amadey
  Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
  trojan amadey
- Detect Amadey credential stealer module
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Reads local data of messenger clients
  Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
  spyware stealer
- Accesses Microsoft Outlook profiles
  collection
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Credentials in Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

amadeycollectionspywarestealertrojan

© 2018-2025

Terms | Privacy