Extracted

• • Target

    e0a4697b1e6b88ea843694ba6035db8d67bb99dbe1fa6b59f02af8646cc8a629

  • Size

    225KB

  • MD5

    565d69af6ad9b4295d0aa6b96fd36903

  • SHA1

    25f6b9102bac48e262744b04b8b3fa57f294124e

  • SHA256

    e0a4697b1e6b88ea843694ba6035db8d67bb99dbe1fa6b59f02af8646cc8a629

  • SHA512

    d357bbe6b1c6cf84312f21265e0de2fbd8cd4498b5f8f4faa429328686d737b2cf432f740782949a4dd948ec7b1a31dac082cd1503be6c18fb3017536893c2b2

  • SSDEEP

    6144:OGHGm7bGdj3Dbf5iHd31cpttENXSSKiw:OvebGdjzbUHdUtONXSSKiw

  Score

  10^/10

  amadeycollectionspywarestealertrojan

  • Amadey

    Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

    trojanamadey

  • Detect Amadey credential stealer module

  • Blocklisted process makes network request

  • Downloads MZ/PE file

  • Executes dropped EXE

  • Loads dropped DLL

  • Reads local data of messenger clients

    Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection
  behavioral1