General
-
Target
cc1fb0661af710dc7e0a4cbc0abd86ddac033d4303e282b5d21d9afb5074aa1d
-
Size
204KB
-
Sample
221129-2chszsdc26
-
MD5
ebea44977117a0b4acb8403cf1978197
-
SHA1
df17c9d16637d05cce47dd1e2e45111221bc2446
-
SHA256
cc1fb0661af710dc7e0a4cbc0abd86ddac033d4303e282b5d21d9afb5074aa1d
-
SHA512
d1405ff9a5e9920005bb3ded6b986d94cd1fc6d07c05bf3907ea67bd56910c52216aa5c9a9debe0bab504e490d5ae285b9aabc34ca1544a295ef050c7bc94a32
-
SSDEEP
3072:lDLtT5dEP27Up5lbD+2c+UJf2XfN30ZIIpkZuiCxuQKy82AQxuVIckcdo6sxR6:XTsP2n+k2XfF0ZI/sRu2XUmcbdoa
Static task
static1
Behavioral task
behavioral1
Sample
cc1fb0661af710dc7e0a4cbc0abd86ddac033d4303e282b5d21d9afb5074aa1d.exe
Resource
win10-20220901-en
Malware Config
Extracted
amadey
3.50
31.41.244.17/hfk3vK9/index.php
Targets
-
-
Target
cc1fb0661af710dc7e0a4cbc0abd86ddac033d4303e282b5d21d9afb5074aa1d
-
Score
10/10
-
Detect Amadey credential stealer module
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses Microsoft Outlook profiles
-