amadey | ecc20ff68381ebcbe6c9155176288fc83e4ffa003059e41ed0c04664e017a981 | Triage

Sharing

General

Target

ecc20ff68381ebcbe6c9155176288fc83e4ffa003059e41ed0c04664e017a981.exe
Size

204KB
Sample

240524-mz5tpsed5s
MD5

458b136776805cb5237bb48153f8d34d
SHA1

13f57fb65117ce31cc2a0907ac026f6d3e39a8f9
SHA256

ecc20ff68381ebcbe6c9155176288fc83e4ffa003059e41ed0c04664e017a981
SHA512

8a1dd4bdfd7351cbd1c5fb50a248af661a323a8d917dc9d1699bdc34338d4e1f49168426307773dd3bc7c76a7e2093bcfecd04a97ad7b34e3f294c961d86c663
SSDEEP

3072:shMCsw9/w+A4cwP+5OzutpHKGruONM4QuZA+65bi83eILfpcJ5kmh:zCswq+AXYu7HGOSuZAleILaJ

Score

10^/10

amadey f9a925

Malware Config

Extracted

Family

amadey

Version

3.81

Botnet

f9a925

C2

http://77.91.124.20

Attributes

install_dir
c3912af058
install_file
oneetx.exe
strings_key
0504ce46646b0dc397a3c30d6692ec75
url_paths
/store/games/index.php

rc4.plain

Targets

- Target
  
  ecc20ff68381ebcbe6c9155176288fc83e4ffa003059e41ed0c04664e017a981.exe
- Size
  
  204KB
- MD5
  
  458b136776805cb5237bb48153f8d34d
- SHA1
  
  13f57fb65117ce31cc2a0907ac026f6d3e39a8f9
- SHA256
  
  ecc20ff68381ebcbe6c9155176288fc83e4ffa003059e41ed0c04664e017a981
- SHA512
  
  8a1dd4bdfd7351cbd1c5fb50a248af661a323a8d917dc9d1699bdc34338d4e1f49168426307773dd3bc7c76a7e2093bcfecd04a97ad7b34e3f294c961d86c663
- SSDEEP
  
  3072:shMCsw9/w+A4cwP+5OzutpHKGruONM4QuZA+65bi83eILfpcJ5kmh:zCswq+AXYu7HGOSuZAleILaJ
Score

3^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2