Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

0x00080000...69.exe

windows7-x64

10

0x00080000...69.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0x00080000000122e6-1069.dat

  • Size

    226KB

  • Sample

    230326-sq8rwsha27

  • MD5

    d6e9b7a43836a7de3b47450c77eb2e12

  • SHA1

    22b24298231f07c05fe057f2c5ee0e973260b6b4

  • SHA256

    7c9a2a9bc7a70c76bee74d184c9d8928c3e5a709ea577f21e146d007da52365f

  • SHA512

    0adb295e7c7086678eb9bedc2a541d00b5a815ffffa3cc9aeaf771fa985f34ba5380a9b2ee98342f8a48240757b2568dcf2c7c5986581a814ce92e8893acdc08

  • SSDEEP

    6144:4rzyIG8IcCnD5A2QdY8rWpau1CYUqfhYdMBg:KmlLnD5qdY8Fu1CYUehrBg

Score
10/10
amadeytrojan

Malware Config

Extracted

Family

amadey

Version

3.68

C2

31.41.244.200/games/category/index.php

Targets

    • Target

      0x00080000000122e6-1069.dat

    • Size

      226KB

    • MD5

      d6e9b7a43836a7de3b47450c77eb2e12

    • SHA1

      22b24298231f07c05fe057f2c5ee0e973260b6b4

    • SHA256

      7c9a2a9bc7a70c76bee74d184c9d8928c3e5a709ea577f21e146d007da52365f

    • SHA512

      0adb295e7c7086678eb9bedc2a541d00b5a815ffffa3cc9aeaf771fa985f34ba5380a9b2ee98342f8a48240757b2568dcf2c7c5986581a814ce92e8893acdc08

    • SSDEEP

      6144:4rzyIG8IcCnD5A2QdY8rWpau1CYUqfhYdMBg:KmlLnD5qdY8Fu1CYUehrBg

    Score
    10/10
    amadeytrojan

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

      trojanamadey

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks