Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

0x00070000...16.exe

windows7-x64

10

0x00070000...16.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0x0007000000014abe-116.dat

  • Size

    232KB

  • Sample

    230510-pr24ysga27

  • MD5

    a501b621e2d0896f5edb6cbf155423a6

  • SHA1

    d75004a252c7b0b20678990e7a610d588de9dc8d

  • SHA256

    b1125fd3bc17e2cec3f04596ebb4ae421628883a98f68cabebc6663dd1c5cdc5

  • SHA512

    e9968c04b5bd14bbe82cc90518e84b0001065af26d380404e7b29f2d7f836057e7a1693706f8dbaf8b1097cbdca13f5dd508df3eba12c5dc6f4bc23d4dce1f1b

  • SSDEEP

    6144:mKVNIG75NpcElElt/DgK1yuFShFBr2D+:/5KE6LguFS7BB

Score
10/10
amadeytrojan

Malware Config

Extracted

Family

amadey

Version

3.70

C2

212.113.119.255/joomla/index.php

Targets

    • Target

      0x0007000000014abe-116.dat

    • Size

      232KB

    • MD5

      a501b621e2d0896f5edb6cbf155423a6

    • SHA1

      d75004a252c7b0b20678990e7a610d588de9dc8d

    • SHA256

      b1125fd3bc17e2cec3f04596ebb4ae421628883a98f68cabebc6663dd1c5cdc5

    • SHA512

      e9968c04b5bd14bbe82cc90518e84b0001065af26d380404e7b29f2d7f836057e7a1693706f8dbaf8b1097cbdca13f5dd508df3eba12c5dc6f4bc23d4dce1f1b

    • SSDEEP

      6144:mKVNIG75NpcElElt/DgK1yuFShFBr2D+:/5KE6LguFS7BB

    Score
    10/10
    amadeytrojan

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

      trojanamadey

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks