Extracted

• • Target

    a7c8566bc2744a0d4bfdd643097d7dcca745a8eded3d3d0199f78b25e9aebfd8.exe

  • Size

    422KB

  • MD5

    9d4a02c07badf0c7de81bc010f5857be

  • SHA1

    d5a6ee5af482315c722e2baf38cb7a48e256e0c1

  • SHA256

    a7c8566bc2744a0d4bfdd643097d7dcca745a8eded3d3d0199f78b25e9aebfd8

  • SHA512

    ddfc825bfa1bdea83c8b2b74a95b285a817862d513edbdf655a712b616c1194e3524f3f5b819343091162cf247064cac847dad861c388f9df3f45418d1b99924

  • SSDEEP

    6144:T1hP9dWA4d2TXUPD94AfiUoMtda7Q0DeaO50fkrX6CKdCIBfi9BvLauZeQn4TF5G:T9oSUvfiR7CokrK1dC2UBjauZeQMa

  Score

  10^/10

  amadeytrojan

  • Amadey

    Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

    trojanamadey

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral2