Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
53c184a0d6bdf0322c8887e1320204ddc58747928b08cc79500fb53f0f2739e0
-
Size
978KB
-
Sample
230417-ngsl4afe5x
-
MD5
660bf12a8be84164478c208b37839d80
-
SHA1
60d042babcc7cf97eb96915095479955aa409b44
-
SHA256
53c184a0d6bdf0322c8887e1320204ddc58747928b08cc79500fb53f0f2739e0
-
SHA512
fee331ce61afeff93952a310868e70ab84600d22fdaa98a3ca489eb52cfbde9619bdb0a86fcd318d72f9cfe7c0e2aa53fb54dbe61997c5c9b1dcd9e42b94900b
-
SSDEEP
24576:byad/UFb6aGO4Hisrlyt4ECqi+zL+X2JKorUnwm+bSDNi6R81olnQ:Osu6aDUat4ESGsoIwm+2RR81I
Malware Config
Targets
-
-
Target
53c184a0d6bdf0322c8887e1320204ddc58747928b08cc79500fb53f0f2739e0
-
Size
978KB
-
MD5
660bf12a8be84164478c208b37839d80
-
SHA1
60d042babcc7cf97eb96915095479955aa409b44
-
SHA256
53c184a0d6bdf0322c8887e1320204ddc58747928b08cc79500fb53f0f2739e0
-
SHA512
fee331ce61afeff93952a310868e70ab84600d22fdaa98a3ca489eb52cfbde9619bdb0a86fcd318d72f9cfe7c0e2aa53fb54dbe61997c5c9b1dcd9e42b94900b
-
SSDEEP
24576:byad/UFb6aGO4Hisrlyt4ECqi+zL+X2JKorUnwm+bSDNi6R81olnQ:Osu6aDUat4ESGsoIwm+2RR81I
Score10/10-
Amadey
Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
-
Modifies Windows Defender Real-time Protection settings
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Windows security modification
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-