amadey | e7da510639a06b3c886656d24131f84535896b412c3ce5ad966b32d2830190bf | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

e7da510639a06b3c886656d24131f84535896b412c3ce5ad966b32d2830190bf
Size

324KB
Sample

221106-y2b5yscfak
MD5

7ed1d1c6972a92f97697465c465be8ba
SHA1

da5190fe64e65e1de39acc337ef77e2c942c3653
SHA256

e7da510639a06b3c886656d24131f84535896b412c3ce5ad966b32d2830190bf
SHA512

676adabd6a19b4e846e4682ca8f67539798821143dd57d47788b678be879dcbdea27b9d7fe0d95b5369f6614acfd7a088b80f66cb5190dc5da9ea6844a1ab192
SSDEEP

6144:L1nK/fju+geevVSOy7htMhie3REaF2QA3Pa:RnKXyTee95Y+tJ1AS

Score

10^/10

amadey collection spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

e7da510639a06b3c886656d24131f84535896b412c3ce5ad966b32d2830190bf.exe

Resource

win10-20220901-en

amadey collection spyware stealer trojan

windows10-1703-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  e7da510639a06b3c886656d24131f84535896b412c3ce5ad966b32d2830190bf
- Size
  
  324KB
- MD5
  
  7ed1d1c6972a92f97697465c465be8ba
- SHA1
  
  da5190fe64e65e1de39acc337ef77e2c942c3653
- SHA256
  
  e7da510639a06b3c886656d24131f84535896b412c3ce5ad966b32d2830190bf
- SHA512
  
  676adabd6a19b4e846e4682ca8f67539798821143dd57d47788b678be879dcbdea27b9d7fe0d95b5369f6614acfd7a088b80f66cb5190dc5da9ea6844a1ab192
- SSDEEP
  
  6144:L1nK/fju+geevVSOy7htMhie3REaF2QA3Pa:RnKXyTee95Y+tJ1AS
Score

10^/10

amadey collection spyware stealer trojan
- Amadey
  Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
  trojan amadey
- Detect Amadey credential stealer module
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Reads local data of messenger clients
  Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
  spyware stealer
- Accesses Microsoft Outlook profiles
  collection
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Credentials in Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

amadeycollectionspywarestealertrojan

© 2018-2025

Terms | Privacy