Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
0d63ae41ebd3569f6469bb8893a5acf3816f1b4b177c89210e0b69453c5b333e
-
Size
361KB
-
Sample
221102-fna2maaben
-
MD5
237ba2b42480f768697f6728e5690230
-
SHA1
48121e6fd277f9ad0066550b8214dada4baa980a
-
SHA256
0d63ae41ebd3569f6469bb8893a5acf3816f1b4b177c89210e0b69453c5b333e
-
SHA512
0bf04f6b088552829c5701cafdf0a58ca32d9427f4683d355f3ca69515b2cf4344128d30534f890952b410caf395a60c3ed768b1c24dac04ff47344275ba7a60
-
SSDEEP
3072:HH8gbGUoly3Lc5StZ9icreSq1xROifqOAkDpwmQoz7SP6LpoI9wjWzVggjcGkNIq:n8gbIy7jQSqpOi1wmerImjm7ITsqF
Malware Config
Targets
-
-
Target
0d63ae41ebd3569f6469bb8893a5acf3816f1b4b177c89210e0b69453c5b333e
-
Size
361KB
-
MD5
237ba2b42480f768697f6728e5690230
-
SHA1
48121e6fd277f9ad0066550b8214dada4baa980a
-
SHA256
0d63ae41ebd3569f6469bb8893a5acf3816f1b4b177c89210e0b69453c5b333e
-
SHA512
0bf04f6b088552829c5701cafdf0a58ca32d9427f4683d355f3ca69515b2cf4344128d30534f890952b410caf395a60c3ed768b1c24dac04ff47344275ba7a60
-
SSDEEP
3072:HH8gbGUoly3Lc5StZ9icreSq1xROifqOAkDpwmQoz7SP6LpoI9wjWzVggjcGkNIq:n8gbIy7jQSqpOi1wmerImjm7ITsqF
Score10/10-
Amadey
Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
-
Detect Amadey credential stealer module
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads local data of messenger clients
Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
-
Accesses Microsoft Outlook profiles
-
Adds Run key to start application
-