General

  • Target

    1982d29457f37ee14568c1f0eadbd9dba633fc1e0210967ff750f9f0333ad143

  • Size

    268KB

  • Sample

    221031-3rperaecd9

  • MD5

    df3b44ad3e121328a0b9bf427f39b89c

  • SHA1

    7e32d04348fb847da98cddb7abff09d40f75ee5b

  • SHA256

    1982d29457f37ee14568c1f0eadbd9dba633fc1e0210967ff750f9f0333ad143

  • SHA512

    fef23a3a4d7a9f28e399a5e8c43379ce0063db238655ea23dffa8505d63e162d4e725c1d1c89f881c6123e687b73d744baf7d97235d29fe2925b501dcd2b86b1

  • SSDEEP

    3072:JCPjJhu6dSOQK+pLeT8Xl6df5eL1sJ6wFgR9Q2FhDDJ1A64bNb8Jws0FC2mPAxVL:JCrxdRQKoLegXlPLyE6q+wVE5CNPqUo

Malware Config

Targets

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

    • Detect Amadey credential stealer module

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads local data of messenger clients

      Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks