Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

0x00030000...03.exe

windows7-x64

10

0x00030000...03.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0x0003000000000731-203.dat

  • Size

    206KB

  • Sample

    230614-yh5cdsdb81

  • MD5

    116ba99c9cce91cee7d3b878c8f4ae87

  • SHA1

    16cc47876c7eadd0a4da5e8e1d0abda6db4fb52f

  • SHA256

    94e99a1b20326cb4564d899f3d71ad9d7311ba77a47984367ddfe711d3c3a70e

  • SHA512

    a91221a00ccffebe110847b60f509f85bd648ecec0819ca66bf602f4709bc516d713a6ea88b06685afc91a0548d2a677be391765703c8fea5db417778679f3ee

  • SSDEEP

    3072:WpxiMVc/oooAUNfLp1zuNW3KG7uON8wAuZA+6jbe83xfbq5kmh:siMV5oofVu432OiuZAlXjq

Score
10/10
amadeytrojan

Malware Config

Extracted

Family

amadey

Version

3.81

C2

95.214.27.98/cronus/index.php

Targets

    • Target

      0x0003000000000731-203.dat

    • Size

      206KB

    • MD5

      116ba99c9cce91cee7d3b878c8f4ae87

    • SHA1

      16cc47876c7eadd0a4da5e8e1d0abda6db4fb52f

    • SHA256

      94e99a1b20326cb4564d899f3d71ad9d7311ba77a47984367ddfe711d3c3a70e

    • SHA512

      a91221a00ccffebe110847b60f509f85bd648ecec0819ca66bf602f4709bc516d713a6ea88b06685afc91a0548d2a677be391765703c8fea5db417778679f3ee

    • SSDEEP

      3072:WpxiMVc/oooAUNfLp1zuNW3KG7uON8wAuZA+6jbe83xfbq5kmh:siMV5oofVu432OiuZAlXjq

    Score
    10/10
    amadeytrojan

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

      trojanamadey

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks