General
Target: am.exe
Size: 8.1MB
Sample: 240403-he7qcaab9t
MD5: 31fd3d2bdee0fd45c35273bebe4907fa
SHA1: e464d8d3e5a16c0484ecb40e0599a3b4ad1e3f21
SHA256: 5fa605bf9666dc9486a83737d1f77e241bb27a033e609625499f17dbf608e840
SHA512: 5a5558811d5a167db43a0a96679f253c3692921e59bc61708a66f6f55458441bb3c3bdc24896eefabd5f2edfb6c87b87be520bd8abd29b0428d831d24ae947b9
SSDEEP: 196608:Z0SPWFEHfuhw52hhflik2kYrq/d/wNHP7as4v:Zgqfuhw0hmZry4NesG
Static task: static1
Behavioral task: behavioral1
Sample: am.exe
Resource: win7-20240221-en
Malware Config
Extracted
amadey
4.19
http://bestofthebesttraining.com
install_dir: 763b1308d2
install_file: Dctooux.exe
strings_key: 039c1d21f5b79a4ad9168019f3454a0c
url_paths: /8BvxwQdec3/index.php
Targets
Target: am.exe
Suspicious use of SetThreadContext