General
-
Target
file.exe
-
Size
207KB
-
Sample
221126-v4t7rsef71
-
MD5
b8163409efad572bc7627feafd46452d
-
SHA1
882f5b58827cc7cb4faef3eb590728cd9764829d
-
SHA256
cb8ccdb72d2ccc8aa9e1d5ef9eaf0365cada4573d1de36e6505c176fb4b27366
-
SHA512
774c0797a5f5e0c18cb38ecf8a26ba17c2a0ee0a93de7f56a4ea37f65a31cb09a999e5138dcebaaca74e029df848feefeff8b7f12d863cb2245c858ce299ed93
-
SSDEEP
3072:l5r5+ytc5m5Xqu8oSvXXomdtT7Voia060vQhS+ac1oivqxtExB:b57cOovXXoUtSi9ES+aceiyxG
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20221111-en
Malware Config
Extracted
amadey
3.50
31.41.244.17/hfk3vK9/index.php
Targets
-
-
Target
file.exe
Score
10/10
-
Detect Amadey credential stealer module
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses Microsoft Outlook profiles
-