amadey | 104af593683398f0980f2c86e6513b8c1b7dededc1f924d4693ad92410d51a62 | Triage

Sharing

General

Target

104af593683398f0980f2c86e6513b8c1b7dededc1f924d4693ad92410d51a62
Size

126KB
MD5

aebf8cd9ea982decded5ee6f3777c6d7
SHA1

406e723158cd5697503d1d04839d3bc7a5051603
SHA256

104af593683398f0980f2c86e6513b8c1b7dededc1f924d4693ad92410d51a62
SHA512

f28fbb9b155348a6aca1105abf6f88640bb68374c07e023a7c9e06577006002d09b53b7629923c2486d7e9811f7254a296d19e566940077431e5089b06a13981
SSDEEP

3072:ox7pOYzBekuOmWDWCMq6As523HeS9FAiZ87vO2rlL3Rn+9:ox7ZNhH/dMq6AO0a7vVlT

Score

10^/10

amadey

Malware Config

Signatures

Amadey family
amadey

Detect Amadey credential stealer module 1 IoCs

resource	yara_rule
sample	amadey_cred_module

Files

104af593683398f0980f2c86e6513b8c1b7dededc1f924d4693ad92410d51a62
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

Main
Save

Sections

CODE
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 79B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ