amadey | cc830eb77bde346a19d667c8a4713a1b61f8ec504d227451f93b2251f800a230 | Triage

Sharing

General

Target

2512-2-0x0000000000090000-0x0000000000543000-memory.dmp
Size

4.7MB
Sample

240327-h2de1sac2x
MD5

177bd189c92480403a133761735d9846
SHA1

eeba3a40dc85470330e32d4bb26550fc9bc7d48b
SHA256

cc830eb77bde346a19d667c8a4713a1b61f8ec504d227451f93b2251f800a230
SHA512

9804e9a6c144eedde6257f860cdeb3de8630fcb94ab943759b787c2b7fc2d5aea160b01806f58910d7ef48922db5ceb392de972b85042c51f50483ec55fdc328
SSDEEP

98304:KCbPDIBmpD+XviofC1ri8WsG0zjwe3YuCGJPexEPdujK:KIqv8w4G2F

Score

10^/10

amadey trojan

Malware Config

Extracted

Family

amadey

Version

4.17

C2

http://185.215.113.32

Attributes

install_dir
00c07260dc
install_file
explorgu.exe
strings_key
461809bd97c251ba0c0c8450c7055f1d
url_paths
/yandex/index.php

rc4.plain

Targets

- Target
  
  2512-2-0x0000000000090000-0x0000000000543000-memory.dmp
- Size
  
  4.7MB
- MD5
  
  177bd189c92480403a133761735d9846
- SHA1
  
  eeba3a40dc85470330e32d4bb26550fc9bc7d48b
- SHA256
  
  cc830eb77bde346a19d667c8a4713a1b61f8ec504d227451f93b2251f800a230
- SHA512
  
  9804e9a6c144eedde6257f860cdeb3de8630fcb94ab943759b787c2b7fc2d5aea160b01806f58910d7ef48922db5ceb392de972b85042c51f50483ec55fdc328
- SSDEEP
  
  98304:KCbPDIBmpD+XviofC1ri8WsG0zjwe3YuCGJPexEPdujK:KIqv8w4G2F
Score

10^/10

amadey trojan
- Amadey
  Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
  trojan amadey
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2