Overview

overview

10

Static

static

10

2360-3-0x0...ry.exe

windows7-x64

1

2360-3-0x0...ry.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2360-3-0x0000000000400000-0x0000000000470000-memory.dmp

  • Size

    448KB

  • Sample

    240517-lhz2fsbg5t

  • MD5

    70b6211899362f9e91bc4cab5582506f

  • SHA1

    84a99773ac86c22c4ff9d6195055630a7adf3eb4

  • SHA256

    7623e26c49d6512fe1227ee3ff64c570cf98219bd9a1d5d0d502a77cdad8098f

  • SHA512

    51099669704a0c4f818d39931729f9e5418e7e75403762483160cbfccec273eaeb35b5988d20ebedb6da2a8907be25de27af982629e902f6037718c2a9910ce9

  • SSDEEP

    6144:T1hP9dWA4d2TXUPD94AfiUoMtda7Q0DeaO50fkrX6CKdCIBfi9BvLauZeQt4TFCb:T9oSUvfiR7CokrK1dC2UBjauZeQCa

Score
10/10
amadey667bac

Malware Config

Extracted

Family

amadey

Version

4.21

Botnet

667bac

C2

http://94.156.68.141

Attributes
  • install_dir

    716b9e4c6b

  • install_file

    Dctooux.exe

  • strings_key

    8e31b2add27c52b4aedc47b90f997046

  • url_paths

    /h9fmdW5/index.php

rc4.plain

Targets

    • Target

      2360-3-0x0000000000400000-0x0000000000470000-memory.dmp

    • Size

      448KB

    • MD5

      70b6211899362f9e91bc4cab5582506f

    • SHA1

      84a99773ac86c22c4ff9d6195055630a7adf3eb4

    • SHA256

      7623e26c49d6512fe1227ee3ff64c570cf98219bd9a1d5d0d502a77cdad8098f

    • SHA512

      51099669704a0c4f818d39931729f9e5418e7e75403762483160cbfccec273eaeb35b5988d20ebedb6da2a8907be25de27af982629e902f6037718c2a9910ce9

    • SSDEEP

      6144:T1hP9dWA4d2TXUPD94AfiUoMtda7Q0DeaO50fkrX6CKdCIBfi9BvLauZeQt4TFCb:T9oSUvfiR7CokrK1dC2UBjauZeQCa

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks