Overview

overview

10

Static

static

10

3028-0-0x0...ry.exe

windows7-x64

10

3028-0-0x0...ry.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    91s
  • max time network
    121s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13-02-2024 22:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3028-0-0x0000000000E60000-0x0000000001308000-memory.exe

  • Size

    4.7MB

  • MD5

    80ab8b0754879b5ad29c8e041f18fe72

  • SHA1

    e4b29203b4e652b7b45048c10a8e3b8558d33d45

  • SHA256

    7d124bdb67a0819285c0603897f2991b1ccbf5d9d0362d347d11cd0d4238478d

  • SHA512

    9231e27cf7f0967bc611a91b6b7db0b8785d223a5f00c777398181cd54c5fe4d59dc32c6cca7e067aafb5b80b6b75217137699bced7d4c1a5291daa175dbfe17

  • SSDEEP

    24576:1W4vNGNNHHU8CKyJG8Z66XzaFGsfvqFeOamMSnIDeZO1dyTU4S:1WANAu8CLf66j1VM0ID8mAV

Score
10/10
amadeytrojan

Malware Config

Signatures

  • Amadey

    Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

    trojanamadey

Processes

  • C:\Users\Admin\AppData\Local\Temp\3028-0-0x0000000000E60000-0x0000000001308000-memory.exe
    "C:\Users\Admin\AppData\Local\Temp\3028-0-0x0000000000E60000-0x0000000001308000-memory.exe"
    1⤵
      PID:1896

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1896-0-0x0000000000E60000-0x0000000001308000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/1896-1-0x0000000000E60000-0x0000000001308000-memory.dmp

      Filesize

      4.7MB

      Download