Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
77b5cef1f46958b16b21d2fe4836130c1406832002beac168af7cfb3db4713ff
-
Size
423KB
-
Sample
221206-z2yjmadg32
-
MD5
cd334129fb0d8e174eca8566e0e542fe
-
SHA1
ffd830c762c2015b120acc25a24ecf8331047749
-
SHA256
77b5cef1f46958b16b21d2fe4836130c1406832002beac168af7cfb3db4713ff
-
SHA512
be8ee28ccf003ae90201f293e6dc2c704ceafa8dcba40d34a9f353436a8c6a97bde3e6ae8811964847b97c8d8ed593ddb1b08053665ec753fcee092c282becc4
-
SSDEEP
6144:zicpZRsLJg+alhrpsmriQv89qIV2HUEUEU67bDLAWcoBlCdi1taVe:ziiZ61g+Idps97qIwKEU6fD3cWC+t3
Malware Config
Extracted
amadey
3.50
77.73.133.72/hfk3vK9/index.php
Targets
-
-
Target
77b5cef1f46958b16b21d2fe4836130c1406832002beac168af7cfb3db4713ff
-
Size
423KB
-
MD5
cd334129fb0d8e174eca8566e0e542fe
-
SHA1
ffd830c762c2015b120acc25a24ecf8331047749
-
SHA256
77b5cef1f46958b16b21d2fe4836130c1406832002beac168af7cfb3db4713ff
-
SHA512
be8ee28ccf003ae90201f293e6dc2c704ceafa8dcba40d34a9f353436a8c6a97bde3e6ae8811964847b97c8d8ed593ddb1b08053665ec753fcee092c282becc4
-
SSDEEP
6144:zicpZRsLJg+alhrpsmriQv89qIV2HUEUEU67bDLAWcoBlCdi1taVe:ziiZ61g+Idps97qIwKEU6fD3cWC+t3
Score10/10-
Amadey
Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
-
Detect Amadey credential stealer module
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads local data of messenger clients
Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
-
Accesses Microsoft Outlook profiles
-