amadey | 61518b6c826423c0b3441a55213b7b993a5b3049ceee55d4326486435cdb1e63 | Triage

Sharing

General

Target

61518b6c826423c0b3441a55213b7b993a5b3049ceee55d4326486435cdb1e63
Size

229KB
Sample

240523-19mb1aba92
MD5

9b2a8c32618ae0083b20692ad46ca70a
SHA1

2f24e0381ec592bec3ac7318a3d72ef0cc56e499
SHA256

61518b6c826423c0b3441a55213b7b993a5b3049ceee55d4326486435cdb1e63
SHA512

06b3f8547976257922e44481b134db95b12dbbe3103e6925146259015cb5c74482ad1f975cabe64eef5d08d1f7d84ad32847d081626b6348cdd3956cd2949707
SSDEEP

6144:7iVQQG75dpcElElt/DgK1yuFShdJm2hs:rBKE6LguFSbJA

Score

10^/10

amadey b50502

Malware Config

Extracted

Family

amadey

Version

3.70

Botnet

b50502

C2

http://77.91.124.207

Attributes

install_dir
595f021478
install_file
oneetx.exe
strings_key
6e3d32d239380a49b6f83128fe71ea01
url_paths
/plays/chapter/index.php

rc4.plain

Targets

- Target
  
  61518b6c826423c0b3441a55213b7b993a5b3049ceee55d4326486435cdb1e63
- Size
  
  229KB
- MD5
  
  9b2a8c32618ae0083b20692ad46ca70a
- SHA1
  
  2f24e0381ec592bec3ac7318a3d72ef0cc56e499
- SHA256
  
  61518b6c826423c0b3441a55213b7b993a5b3049ceee55d4326486435cdb1e63
- SHA512
  
  06b3f8547976257922e44481b134db95b12dbbe3103e6925146259015cb5c74482ad1f975cabe64eef5d08d1f7d84ad32847d081626b6348cdd3956cd2949707
- SSDEEP
  
  6144:7iVQQG75dpcElElt/DgK1yuFShdJm2hs:rBKE6LguFSbJA
Score

3^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2