amadey | 2518ed72782a36f253d3e71cf78d5a52[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2518ed72782a36f253d3e71cf78d5a52.bin
Size

4.7MB
MD5

2518ed72782a36f253d3e71cf78d5a52
SHA1

e79fae36a5ba8b66471bbd632286db2f5dd4e8b5
SHA256

13b8e2dda15acfb9e70e6a667e00ab930af1d3c2597497cbb52e5e372b566893
SHA512

0a91be400671b16c890464c1e54f53fdc22a110418161a80fd1d250b4af17c1adf2d96cffd0e01ad01b5389e0f90d29e026d75ab8d04439c239be2d62380ac8b
SSDEEP

98304:BROu/MzVVmf1hF9FDcVxiNXKGH1JIvTfq0rAcn+Mu2NDCyhv:B5N/JCbfhzlCyhv

Score

10^/10

amadey

Malware Config

Signatures

Amadey family
amadey

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2518ed72782a36f253d3e71cf78d5a52.bin

Files

2518ed72782a36f253d3e71cf78d5a52.bin
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 181KB - Virtual size: 404KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pfdyxyix
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ysdzuopn
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE