Overview

overview

10

Static

static

10

1368-2-0x0...ry.exe

windows7-x64

1

1368-2-0x0...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1368-2-0x0000000000ED0000-0x0000000001383000-memory.dmp

  • Size

    4.7MB

  • Sample

    240327-h1z8dsab9x

  • MD5

    ef09267ce9039886638d9344f5610800

  • SHA1

    29250a34dc21050346d3094f41881773d18a417f

  • SHA256

    074fdaf1999e29496e62013ffd7055ed7a3aef53159c993dd948e6480d36a7d0

  • SHA512

    7ef8ac1c4fd93d34fcbbcdcb0457f6b0ead8d2b46f9bc5f90b18ae8c81c5e450fae3308481afbaf453b0a88ba8e1f5ba6271dc8808ba0e23d40e5d3cfa401501

  • SSDEEP

    98304:5JLj9xBmpD+XviofCTLgsHoG0zjwe3YuCGJPexEPdujK:5OWs8w4G2F

Score
10/10
amadeytrojan

Malware Config

Extracted

Family

amadey

Version

4.17

C2

http://185.215.113.32

Attributes
  • install_dir

    00c07260dc

  • install_file

    explorgu.exe

  • strings_key

    461809bd97c251ba0c0c8450c7055f1d

  • url_paths

    /yandex/index.php

rc4.plain

Targets

    • Target

      1368-2-0x0000000000ED0000-0x0000000001383000-memory.dmp

    • Size

      4.7MB

    • MD5

      ef09267ce9039886638d9344f5610800

    • SHA1

      29250a34dc21050346d3094f41881773d18a417f

    • SHA256

      074fdaf1999e29496e62013ffd7055ed7a3aef53159c993dd948e6480d36a7d0

    • SHA512

      7ef8ac1c4fd93d34fcbbcdcb0457f6b0ead8d2b46f9bc5f90b18ae8c81c5e450fae3308481afbaf453b0a88ba8e1f5ba6271dc8808ba0e23d40e5d3cfa401501

    • SSDEEP

      98304:5JLj9xBmpD+XviofCTLgsHoG0zjwe3YuCGJPexEPdujK:5OWs8w4G2F

    Score
    10/10
    amadeytrojan

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

      trojanamadey
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks