Main
Save
Resubmissions
19/12/2022, 13:18
221219-qj8r7sab3z 10General
-
Target
7c25d5c136fff48f875478d8f9f3a80f4f72a6fb5aa80f7954a3ab3ef6ddbd78
-
Size
126KB
-
MD5
628a26398301374c915780252650990b
-
SHA1
5d31e095d924e3982422aa1be3959c2e3353e602
-
SHA256
7c25d5c136fff48f875478d8f9f3a80f4f72a6fb5aa80f7954a3ab3ef6ddbd78
-
SHA512
ec4deacbb87a2ac52e42eeff86506d391c273741bab16a18973adf4d127e29d6d231ef405c7428e1ec5fe9d3b7a4f4451efb9c9c8eee886e8b5621b785f81705
-
SSDEEP
3072:Yx7pOYzBekn3tiINwyP7XSSJds3zhrjPcnqULv4O9:Yx7ZNhn3vwyOztPc3L
Score
10/10
Malware Config
Signatures
-
Amadey family
-
Detect Amadey credential stealer module 1 IoCs
resource yara_rule sample amadey_cred_module
Files
-
7c25d5c136fff48f875478d8f9f3a80f4f72a6fb5aa80f7954a3ab3ef6ddbd78.dll windows x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Exports
Exports
Sections
CODE Size: 103KB - Virtual size: 102KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 2KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 512B - Virtual size: 79B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ