amadey | 404cbbe82d5516770ac48db2bb1d0df6ae2e00c5ae47ea5a2968c8120475a617 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1488-56-0x0000000000400000-0x00000000004C4000-memory.dmp
Size

784KB
Sample

221125-v855tsga9w
MD5

758f27f7cef17286acd4f5c8b08e2582
SHA1

5150a70d4bcff28ca1eefc763fda983b1634dd02
SHA256

404cbbe82d5516770ac48db2bb1d0df6ae2e00c5ae47ea5a2968c8120475a617
SHA512

60ef704e4a1d7d9ca5b840ed0f3c5284b004cc8e9aff284fa994677317eb8d5dd28c58b4a4dfa962965bb70d431822d99590bf86a27b3072ec0b3afabbf72744
SSDEEP

12288:/jQkz12QuDJp9LQ6veT2sThYNMpo4DH49xlDYB8Hgc0lw9:/jQy2d9VvgQN1Lxk87G

Score

10^/10

amadey

Malware Config

Extracted

Family

amadey

Version

3.50

C2

update.nodfirewalld.org/MvwWdj2/index.php

download.gitextension.com/MvwWdj2/index.php

Targets

- Target
  
  1488-56-0x0000000000400000-0x00000000004C4000-memory.dmp
- Size
  
  784KB
- MD5
  
  758f27f7cef17286acd4f5c8b08e2582
- SHA1
  
  5150a70d4bcff28ca1eefc763fda983b1634dd02
- SHA256
  
  404cbbe82d5516770ac48db2bb1d0df6ae2e00c5ae47ea5a2968c8120475a617
- SHA512
  
  60ef704e4a1d7d9ca5b840ed0f3c5284b004cc8e9aff284fa994677317eb8d5dd28c58b4a4dfa962965bb70d431822d99590bf86a27b3072ec0b3afabbf72744
- SSDEEP
  
  12288:/jQkz12QuDJp9LQ6veT2sThYNMpo4DH49xlDYB8Hgc0lw9:/jQy2d9VvgQN1Lxk87G
Score

3^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2