Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

0x00060000...27.exe

windows7-x64

10

0x00060000...27.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0x0006000000014b97-127.dat

  • Size

    205KB

  • Sample

    230616-hjp14add62

  • MD5

    32587b3c81da526ac2a63d4a5ada0dc4

  • SHA1

    d9f173531b78c902bff5beaafc4360633613f7c2

  • SHA256

    f57dc054008a6db763dd0d87619bbafd55ff81301a6d858d3e7a1f585ab21c36

  • SHA512

    9b5607b2ca9bd22aaee28409b7487c2603de9088d52c32cd930dd3ec7f398e5da0cfde67036249c364bfdab6f6508b33f1a68abf3dbe475adb3d8563b048eb6a

  • SSDEEP

    3072:CXkSckkHbzG1iXAt60p0zuNmnKG7peNMQbuZAIOb2y3xfbT:8kSDAzG1iciuInRexuZAIKj

Score
10/10
amadeytrojan

Malware Config

Extracted

Family

amadey

Version

3.84

C2

77.91.68.63/doma/net/index.php

Targets

    • Target

      0x0006000000014b97-127.dat

    • Size

      205KB

    • MD5

      32587b3c81da526ac2a63d4a5ada0dc4

    • SHA1

      d9f173531b78c902bff5beaafc4360633613f7c2

    • SHA256

      f57dc054008a6db763dd0d87619bbafd55ff81301a6d858d3e7a1f585ab21c36

    • SHA512

      9b5607b2ca9bd22aaee28409b7487c2603de9088d52c32cd930dd3ec7f398e5da0cfde67036249c364bfdab6f6508b33f1a68abf3dbe475adb3d8563b048eb6a

    • SSDEEP

      3072:CXkSckkHbzG1iXAt60p0zuNmnKG7peNMQbuZAIOb2y3xfbT:8kSDAzG1iciuInRexuZAIKj

    Score
    10/10
    amadeytrojan

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

      trojanamadey

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks