General

  • Target

    5So03aD.exe

  • Size

    221KB

  • MD5

    c5ffb422ba676610d6fdb512537f31c2

  • SHA1

    2a5bf30dca7271cf44c9a0bb8ba81be13334333f

  • SHA256

    b3f42f397256872de5955bb9479e7e84540c51e8c6ee6bfa0eee9ecc5d460a71

  • SHA512

    982cfa94c5bfa4688792b7a1111381a4885d93b7232a7ae13c387603e1de7fea9d8c24bc69ca6f2c09bb05656c5940e47291f5fe4d162a9b2766559d5a9eed26

  • SSDEEP

    6144:DEPAc72ss5pKL93yMax7pH3F2d1ugMeSWp:DE32xpoaxBFg1ugMeS

Score
10/10

Malware Config

Extracted

Family

amadey

Version

3.89

C2

http://77.91.124.1/theme/index.php

Attributes
  • install_dir

    fefffe8cea

  • install_file

    explothe.exe

  • strings_key

    36a96139c1118a354edf72b1080d4b2f

rc4.plain

Signatures

  • Amadey family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 5So03aD.exe
    .exe windows:6 windows x86

    3865972614d44e518713c9a6183fed14
