Overview

overview

10

Static

static

10

NEAS.9ed96...d0.exe

windows7-x64

10

NEAS.9ed96...d0.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.9ed962d9bd1f74f053d74fc4606f5dd0.exe

  • Size

    230KB

  • Sample

    231203-zc6hyafb8t

  • MD5

    9ed962d9bd1f74f053d74fc4606f5dd0

  • SHA1

    fc491c4e8a133ef9e307b0ed24c3aadbd8653aaa

  • SHA256

    bfcc2b2349107e4dae647e6a28a7babe852ae0bdad42e8294fe66aa309987f26

  • SHA512

    6587fe11495bc9ff54cb5cff4e500b405c2de0186bd3678fba2c59f24769e7e5f82284f0665ba192e6b9a4106ab250e861c61dbc4c14c1284d6012842cfe0907

  • SSDEEP

    6144:LEPAc72ss5pKL93yMax7pH3F2d1ugMeSWp:LE32xpoaxBFg1ugMeS

Score
10/10
amadeytrojan

Malware Config

Extracted

Family

amadey

Version

3.89

C2

http://77.91.124.1

Attributes
  • install_dir

    fefffe8cea

  • install_file

    explothe.exe

  • strings_key

    36a96139c1118a354edf72b1080d4b2f

  • url_paths

    /theme/index.php

rc4.plain

Targets

    • Target

      NEAS.9ed962d9bd1f74f053d74fc4606f5dd0.exe

    • Size

      230KB

    • MD5

      9ed962d9bd1f74f053d74fc4606f5dd0

    • SHA1

      fc491c4e8a133ef9e307b0ed24c3aadbd8653aaa

    • SHA256

      bfcc2b2349107e4dae647e6a28a7babe852ae0bdad42e8294fe66aa309987f26

    • SHA512

      6587fe11495bc9ff54cb5cff4e500b405c2de0186bd3678fba2c59f24769e7e5f82284f0665ba192e6b9a4106ab250e861c61dbc4c14c1284d6012842cfe0907

    • SSDEEP

      6144:LEPAc72ss5pKL93yMax7pH3F2d1ugMeSWp:LE32xpoaxBFg1ugMeS

    Score
    10/10
    amadeytrojan

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

      trojanamadey
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks