amadey | c6768cf47e8cdc21eb432d430f8850dfacefd0128eceb934816f193e6de8c773 | Triage

Sharing

General

Target

c6768cf47e8cdc21eb432d430f8850dfacefd0128eceb934816f193e6de8c773
Size

244KB
Sample

221123-qe6r2sdg95
MD5

a744bc0e1b1d29a3366909eca6924054
SHA1

15365fb79a24890405b82da8602230714f236c72
SHA256

c6768cf47e8cdc21eb432d430f8850dfacefd0128eceb934816f193e6de8c773
SHA512

0b0143f1f6a7d0238c03514aee71878ee583b54a1c3e66f8853702326eb79c9b094c2d920348444a416608fa541d1d4b36782e635077ac597a20549b3f409f34
SSDEEP

3072:JiNsiQfXo3LUuvNYu/WXks5qqDuensIYXU1DVVVTE01K8gRUnx1hU/Iu9McSt7Jg:0NJLU5u/01rsICq5XTENgHhU/tM/IR

Score

10^/10

amadey trojan

Malware Config

Extracted

Family

amadey

Version

3.50

C2

193.56.146.174/g84kvj4jck/index.php

Targets

- Target
  
  c6768cf47e8cdc21eb432d430f8850dfacefd0128eceb934816f193e6de8c773
- Size
  
  244KB
- MD5
  
  a744bc0e1b1d29a3366909eca6924054
- SHA1
  
  15365fb79a24890405b82da8602230714f236c72
- SHA256
  
  c6768cf47e8cdc21eb432d430f8850dfacefd0128eceb934816f193e6de8c773
- SHA512
  
  0b0143f1f6a7d0238c03514aee71878ee583b54a1c3e66f8853702326eb79c9b094c2d920348444a416608fa541d1d4b36782e635077ac597a20549b3f409f34
- SSDEEP
  
  3072:JiNsiQfXo3LUuvNYu/WXks5qqDuensIYXU1DVVVTE01K8gRUnx1hU/Iu9McSt7Jg:0NJLU5u/01rsICq5XTENgHhU/tM/IR
Score

10^/10

amadey trojan
- Amadey
  Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
  trojan amadey
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1