amadey | cc710918467e4b28f04f27dbec45cb6168b4828de5771233f1ef0c5a485a55ca | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

7

dridex

windows10-2004-x64

Sharing

General

Target

cc710918467e4b28f04f27dbec45cb6168b4828de5771233f1ef0c5a485a55ca
Size

4.0MB
Sample

231011-lkh6qaga96
MD5

a38e39cfe409a847b1252327796dd499
SHA1

ced9a956fea03e4def5fb8f5cdcdef814554f2a0
SHA256

cc710918467e4b28f04f27dbec45cb6168b4828de5771233f1ef0c5a485a55ca
SHA512

28da914ea74727cb8d9fd618cf5cd449e3d67d97f2e29016e532a3e7c1993b57506189ecfab654049aa9a8cab82396bcae83bd8b092953892c4305395856fa60
SSDEEP

24576:0d+yabNjLQp8+qlArd9+5l7OuB7S7THKU4eEO+wbbNny+1dZNd/eMvey:0diZvQp727OuBenKLbnwFNZeMvH

Score

10^/10

amadey trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

cc710918467e4b28f04f27dbec45cb6168b4828de5771233f1ef0c5a485a55ca.exe

Resource

win10v2004-20230915-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

amadey

Version

3.86

C2

http://45.9.74.182/b7djSDcPcZ/index.php

Attributes

install_dir
f3f10bd848
install_file
bstyoops.exe
strings_key
05986a1cda6dc6caabf469f27fb6c32d

rc4.plain

Targets

- Target
  
  cc710918467e4b28f04f27dbec45cb6168b4828de5771233f1ef0c5a485a55ca
- Size
  
  4.0MB
- MD5
  
  a38e39cfe409a847b1252327796dd499
- SHA1
  
  ced9a956fea03e4def5fb8f5cdcdef814554f2a0
- SHA256
  
  cc710918467e4b28f04f27dbec45cb6168b4828de5771233f1ef0c5a485a55ca
- SHA512
  
  28da914ea74727cb8d9fd618cf5cd449e3d67d97f2e29016e532a3e7c1993b57506189ecfab654049aa9a8cab82396bcae83bd8b092953892c4305395856fa60
- SSDEEP
  
  24576:0d+yabNjLQp8+qlArd9+5l7OuB7S7THKU4eEO+wbbNny+1dZNd/eMvey:0diZvQp727OuBenKLbnwFNZeMvH
Score

10^/10

amadey trojan
- Amadey
  Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
  trojan amadey
- .NET Reactor proctector
  Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
- Drops startup file
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy