amadey

Resubmissions

10-08-2023 00:44

230810-a3xahsab6s 10

29-07-2023 01:06

230729-bf3z8aba6v 10

Sharing

Copy URL

Twitter E-mail

General

Target

15767660942cc7c75ff800cfeb1b759f8194d3a1332a9.exe
Size

6.5MB
Sample

230810-a3xahsab6s
MD5

92031e02bc46932ace98fb8b54f261f4
SHA1

e4414033fedbaa9cb96660558748f36b5c0ae9d3
SHA256

15767660942cc7c75ff800cfeb1b759f8194d3a1332a9fb024abdf4b86cfc9df
SHA512

9407bb053c91482fa5426f3d11f5b271f42556905ba49ba0f50fd1f147c24d555086f5ffd11f36187a15ed2d9abc0c45e16c92c0b30f87849ad39a64186c1195
SSDEEP

98304:FgTOuxyekXIG+AM/M8MqPtPGp/6qWXCT5QYux3bWJvAi9nzDMeEuJW2wq73:l4KM/BMqPt8/lWSDucUPqr

Score

10^/10

Malware Config

Extracted

Family

amadey

Version

3.85

45.9.74.166/b7djSDcPcZ/index.php

45.9.74.141/b7djSDcPcZ/index.php

Targets

- Target
  
  15767660942cc7c75ff800cfeb1b759f8194d3a1332a9.exe
- Size
  
  6.5MB
- MD5
  
  92031e02bc46932ace98fb8b54f261f4
- SHA1
  
  e4414033fedbaa9cb96660558748f36b5c0ae9d3
- SHA256
  
  15767660942cc7c75ff800cfeb1b759f8194d3a1332a9fb024abdf4b86cfc9df
- SHA512
  
  9407bb053c91482fa5426f3d11f5b271f42556905ba49ba0f50fd1f147c24d555086f5ffd11f36187a15ed2d9abc0c45e16c92c0b30f87849ad39a64186c1195
- SSDEEP
  
  98304:FgTOuxyekXIG+AM/M8MqPtPGp/6qWXCT5QYux3bWJvAi9nzDMeEuJW2wq73:l4KM/BMqPt8/lWSDucUPqr
Score

10^/10

amadey trojan vmprotect
- Amadey
  Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
  trojan amadey
- Executes dropped EXE
- Loads dropped DLL
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

T1053

Persistence

Scheduled Task/Job

T1053

Privilege Escalation

Scheduled Task/Job

T1053

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Executes dropped EXE

Loads dropped DLL

VMProtect packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2