General
-
Target
03d533e816dd933851cb98a3b4015a32aeaee9862a62e622778a744988eaf3d4
-
Size
950KB
-
Sample
230415-28g7bshf8x
-
MD5
2a34f6b8fe2dbbc72fff8fda80ffa8eb
-
SHA1
6753b9ab0d19283f0b2bdd99031317d5abd3764d
-
SHA256
03d533e816dd933851cb98a3b4015a32aeaee9862a62e622778a744988eaf3d4
-
SHA512
1318218f0133d999d88257327c9dbb633e2608ca4d5f4f3774a259d368b401a3ec718ff3749334dc73e4c8e9c17c8f90c402fbfe09f25c02f7674ff5fb275b0b
-
SSDEEP
24576:ayrZzzNAdOq8P21q+YUuNp1qFxWoV9igSHdA0Xnq+:hrN5A4zN+M9CWoV2d3q
Malware Config
Targets
-
-
Target
03d533e816dd933851cb98a3b4015a32aeaee9862a62e622778a744988eaf3d4
-
Size
950KB
-
MD5
2a34f6b8fe2dbbc72fff8fda80ffa8eb
-
SHA1
6753b9ab0d19283f0b2bdd99031317d5abd3764d
-
SHA256
03d533e816dd933851cb98a3b4015a32aeaee9862a62e622778a744988eaf3d4
-
SHA512
1318218f0133d999d88257327c9dbb633e2608ca4d5f4f3774a259d368b401a3ec718ff3749334dc73e4c8e9c17c8f90c402fbfe09f25c02f7674ff5fb275b0b
-
SSDEEP
24576:ayrZzzNAdOq8P21q+YUuNp1qFxWoV9igSHdA0Xnq+:hrN5A4zN+M9CWoV2d3q
Score10/10-
Amadey
Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
-
Modifies Windows Defender Real-time Protection settings
-
Executes dropped EXE
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Windows security modification
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-