amadey | 87f4d0475836f47cdd74afd2cfe0f97f4f2f0b86f4d84f4fe4a6daa6cffc0c53 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

87f4d0475836f47cdd74afd2cfe0f97f4f2f0b86f4d84f4fe4a6daa6cffc0c53
Size

250KB
Sample

221202-clxwtsge51
MD5

53cce95f5bfb66c6f9a7394a1269afa2
SHA1

25534338447d6dd1fd2a660278e570613ef838e4
SHA256

87f4d0475836f47cdd74afd2cfe0f97f4f2f0b86f4d84f4fe4a6daa6cffc0c53
SHA512

661a2eead2b394302fccafa0c7df71711b9013bef7454313603e95c0093b218dd0fe341b5fc3216ea7c3253f00ccd87247eaf186d91a4fff9032209836af2ef5
SSDEEP

6144:Dg3O5R5hgK9vZPf9ZaSKNxphi39NOvpgY:s3O5RsK9Zf9ZafzpK8

Score

10^/10

amadey trojan

Static task

static1

Behavioral task

behavioral1

Sample

87f4d0475836f47cdd74afd2cfe0f97f4f2f0b86f4d84f4fe4a6daa6cffc0c53.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

amadey

Version

3.50

C2

31.41.244.167/v7eWcjs/index.php

Targets

- Target
  
  87f4d0475836f47cdd74afd2cfe0f97f4f2f0b86f4d84f4fe4a6daa6cffc0c53
- Size
  
  250KB
- MD5
  
  53cce95f5bfb66c6f9a7394a1269afa2
- SHA1
  
  25534338447d6dd1fd2a660278e570613ef838e4
- SHA256
  
  87f4d0475836f47cdd74afd2cfe0f97f4f2f0b86f4d84f4fe4a6daa6cffc0c53
- SHA512
  
  661a2eead2b394302fccafa0c7df71711b9013bef7454313603e95c0093b218dd0fe341b5fc3216ea7c3253f00ccd87247eaf186d91a4fff9032209836af2ef5
- SSDEEP
  
  6144:Dg3O5R5hgK9vZPf9ZaSKNxphi39NOvpgY:s3O5RsK9Zf9ZafzpK8
Score

10^/10

amadey trojan
- Amadey
  Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
  trojan amadey
- Downloads MZ/PE file
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy