Overview

overview

10

Static

static

3

dridex

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bb150377b93d4df2a877a68e700490644290a0ea59001c189e55bbf62bad1e68

  • Size

    778KB

  • Sample

    231122-d7xnmahh98

  • MD5

    d182c5cc932fdf30690e58b1c7e297de

  • SHA1

    249540ccad900d3cc6c5b2ccc9447d5ca895879d

  • SHA256

    bb150377b93d4df2a877a68e700490644290a0ea59001c189e55bbf62bad1e68

  • SHA512

    7038d3a737edd97fa9278c5c76df5e5cccfd0b6bc10cf76d422e0ec3b244519863d959b350dc3b8712203df6bf6f9f134db68b60545421bd6c65b83ec0aef380

  • SSDEEP

    12288:6bgEa19Hi8mgRp0rAj67YdHZhvWvMS8jTRaFxnn4wGTl:zPmy0rm1XvWvt8jTw/0T

Score
10/10
amadeytrojan

Malware Config

Targets

    • Target

      bb150377b93d4df2a877a68e700490644290a0ea59001c189e55bbf62bad1e68

    • Size

      778KB

    • MD5

      d182c5cc932fdf30690e58b1c7e297de

    • SHA1

      249540ccad900d3cc6c5b2ccc9447d5ca895879d

    • SHA256

      bb150377b93d4df2a877a68e700490644290a0ea59001c189e55bbf62bad1e68

    • SHA512

      7038d3a737edd97fa9278c5c76df5e5cccfd0b6bc10cf76d422e0ec3b244519863d959b350dc3b8712203df6bf6f9f134db68b60545421bd6c65b83ec0aef380

    • SSDEEP

      12288:6bgEa19Hi8mgRp0rAj67YdHZhvWvMS8jTRaFxnn4wGTl:zPmy0rm1XvWvt8jTw/0T

    Score
    10/10
    amadeytrojan

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

      trojanamadey

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

1
T1053

Persistence

Scheduled Task/Job

1
T1053

Privilege Escalation

Scheduled Task/Job

1
T1053

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks