amadey | c5f1acf40da5da5c2179ad75792d817b7b3240d7192c90565d570e6d40716374 | Triage

Sharing

General

Target

3b82a0ea49d855327b64073872ebb6b63eee056e182be6b1935aa512628252af
Size

67KB
Sample

221114-w1xzxshb9v
MD5

5c6a0a9db26f288352805ede95882d25
SHA1

cc48d9e1eb9517dddcd233636c477f27ed873ea1
SHA256

c5f1acf40da5da5c2179ad75792d817b7b3240d7192c90565d570e6d40716374
SHA512

d6add59be25190c0f7164782a1eae708f333493682b6ee9fa9b0713b614bb20fad44ec376e89994a2a1e0d48c09e86cea543b49e9627f0093d452369ceea47c2
SSDEEP

1536:7Yjtmoic3woWKK6b6tBBoxkJcW48OcdIT+bFdjwsZrmBO0jnFDh8mZiM:N+A6Wtj0k6iIT+xOA6g8Nh8M

Score

10^/10

amadey collection spyware stealer

Malware Config

Targets

- Target
  
  3b82a0ea49d855327b64073872ebb6b63eee056e182be6b1935aa512628252af
- Size
  
  126KB
- MD5
  
  507e9dc7b9c42f535b6df96d79179835
- SHA1
  
  acf41fb549750023115f060071aa5ca8c33f249e
- SHA256
  
  3b82a0ea49d855327b64073872ebb6b63eee056e182be6b1935aa512628252af
- SHA512
  
  70907ec4c395b0d2219bfe98907ec130bfcbc6d4bec7bd73965a9b1e422553e27daaead3d6647620fcf5392d85a2e975bce0f7c79c0bc665dd33ce65f7d44302
- SSDEEP
  
  3072:Yx7pOYzBekK3tiINwyP7XSSJds3zhrjPcnqULv4G9:Yx7ZNhK3vwyOztPc3L
Score

7^/10

collection spyware stealer
- Reads local data of messenger clients
  Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
  spyware stealer
- Accesses Microsoft Outlook profiles
  collection
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

collectionspywarestealer

behavioral2

collectionspywarestealer