Extracted

• • Target

    d10fd57ed5550212a4bfbb65732c489479c49c888737d3dc818290189fc2e719.exe

  • Size

    370KB

  • MD5

    1f68fe6fc999460d808a243a15232611

  • SHA1

    2c5b12ad940e1772b001d85b77c5b86f84b9eb03

  • SHA256

    d10fd57ed5550212a4bfbb65732c489479c49c888737d3dc818290189fc2e719

  • SHA512

    e5faf7c55297860b5304699e304b5ebe8527f73bf2b7f71d30111712df6eec50e9f38b2930f87c14c762b2143d74ff7ce71953ce261c93a6857193389f8c278f

  • SSDEEP

    6144:4iHP5o9P45e/kejyjel3IUIBaouNfiAtC+Qgm7f1vOFqx:4aP5yZDjQgIUIBaoQfieQg61mFqx

  Score

  10^/10

  amadey667bactrojan

  • Amadey

    Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

    trojanamadey

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral2