amadey | 636f60bb4d4c1a785ebc5917c55851ae029db3d04f0b400b1118ef75082a449e | Triage

Sharing

General

Target

636f60bb4d4c1a785ebc5917c55851ae029db3d04f0b400b1118ef75082a449e
Size

204KB
Sample

240523-2ctkgsbc37
MD5

1672981f696e6ced75648724a9d2d4d4
SHA1

d1ab9f8b7fb14335826633dc720c148491b85636
SHA256

636f60bb4d4c1a785ebc5917c55851ae029db3d04f0b400b1118ef75082a449e
SHA512

4304f027369196af191bc3775e19b667b49418adeb5f7460530b15c9ae6cadf838fe1735fdbde9ab0266bfce5a38953b473061dbcc0baf5e49f8664554e3fafa
SSDEEP

3072:5/frTDzurT1S3CzpdmnATE55zjExkKGruONMvhu5QTXFeJX2v8eE2fliPwU:dfrnzurs3Czpexj2kGOIu5QTQgE29D

Score

10^/10

amadey 8c4642

Malware Config

Extracted

Family

amadey

Version

3.80

Botnet

8c4642

C2

http://193.201.9.240

Attributes

install_dir
cb7ae701b3
install_file
oneetx.exe
strings_key
c7c0f24aa6d8f611f5533809029a4795
url_paths
/live/games/index.php

rc4.plain

Targets

- Target
  
  636f60bb4d4c1a785ebc5917c55851ae029db3d04f0b400b1118ef75082a449e
- Size
  
  204KB
- MD5
  
  1672981f696e6ced75648724a9d2d4d4
- SHA1
  
  d1ab9f8b7fb14335826633dc720c148491b85636
- SHA256
  
  636f60bb4d4c1a785ebc5917c55851ae029db3d04f0b400b1118ef75082a449e
- SHA512
  
  4304f027369196af191bc3775e19b667b49418adeb5f7460530b15c9ae6cadf838fe1735fdbde9ab0266bfce5a38953b473061dbcc0baf5e49f8664554e3fafa
- SSDEEP
  
  3072:5/frTDzurT1S3CzpdmnATE55zjExkKGruONMvhu5QTXFeJX2v8eE2fliPwU:dfrnzurs3Czpexj2kGOIu5QTQgE29D
Score

3^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2