General
-
Target
creddll.dll
-
Size
126KB
-
Sample
230701-jnss8ahb7s
-
MD5
a81511e199a9aa34da15d12c2f294b2c
-
SHA1
0f9006d8f09e91bbd459b8254dd945e4fbae25d9
-
SHA256
b9fa703b80c7d124148f64ae3474f1f2b01a42cd1ed6871be2bb6c9d15ecf871
-
SHA512
98e56b9f4a09b423432cd9c03110109f872dedef7bb29d7bb0cc5cd8827c5f67b8385dc9ca5faa4c23ae28dd3b1c87d977bd3b4e09eeb363c6f1d245a5e59707
-
SSDEEP
3072:Yx7pOYzBek+3tiINwyP7XSSJds3zhrjPcnq4Lv469:Yx7ZNh+3vwyOztPcrL
Malware Config
Targets
-
-
Target
creddll.dll
-
Size
126KB
-
MD5
a81511e199a9aa34da15d12c2f294b2c
-
SHA1
0f9006d8f09e91bbd459b8254dd945e4fbae25d9
-
SHA256
b9fa703b80c7d124148f64ae3474f1f2b01a42cd1ed6871be2bb6c9d15ecf871
-
SHA512
98e56b9f4a09b423432cd9c03110109f872dedef7bb29d7bb0cc5cd8827c5f67b8385dc9ca5faa4c23ae28dd3b1c87d977bd3b4e09eeb363c6f1d245a5e59707
-
SSDEEP
3072:Yx7pOYzBek+3tiINwyP7XSSJds3zhrjPcnq4Lv469:Yx7ZNh+3vwyOztPcrL
Score10/10-
Amadey
Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
-
Detect Amadey credential stealer module
-
Reads local data of messenger clients
Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
-
Accesses Microsoft Outlook profiles
-