amadey | 5e4ea36762c6a655aecbf8bd7a7d6a1eed50c7dd8366d85648cebfab64f7c0bc | Triage

Sharing

General

Target

0df826c9faf38e7c5bf06d51fe37a3d0_NeikiAnalytics.exe
Size

229KB
Sample

240525-xszdfseg5w
MD5

0df826c9faf38e7c5bf06d51fe37a3d0
SHA1

c32d0cfdb9c77cad2cf609efe466539b24e7f580
SHA256

5e4ea36762c6a655aecbf8bd7a7d6a1eed50c7dd8366d85648cebfab64f7c0bc
SHA512

e0a34422a494f8878dc2a568c6fa6d3c066e1cb1f06e150ff85543ec5e0c6bad20f9e078d3dff7686e0c2f7dc67a37fe47c582d3603e94e704a621d48225c5bf
SSDEEP

6144:7iVQQG75dpcElElt/DgK1yuFShGJm2BA:rBKE6LguFSYJA

Score

10^/10

amadey b50502

Malware Config

Extracted

Family

amadey

Version

3.70

Botnet

b50502

C2

http://77.91.124.207

Attributes

install_dir
595f021478
install_file
oneetx.exe
strings_key
6e3d32d239380a49b6f83128fe71ea01
url_paths
/plays/chapter/index.php

rc4.plain

Targets

- Target
  
  0df826c9faf38e7c5bf06d51fe37a3d0_NeikiAnalytics.exe
- Size
  
  229KB
- MD5
  
  0df826c9faf38e7c5bf06d51fe37a3d0
- SHA1
  
  c32d0cfdb9c77cad2cf609efe466539b24e7f580
- SHA256
  
  5e4ea36762c6a655aecbf8bd7a7d6a1eed50c7dd8366d85648cebfab64f7c0bc
- SHA512
  
  e0a34422a494f8878dc2a568c6fa6d3c066e1cb1f06e150ff85543ec5e0c6bad20f9e078d3dff7686e0c2f7dc67a37fe47c582d3603e94e704a621d48225c5bf
- SSDEEP
  
  6144:7iVQQG75dpcElElt/DgK1yuFShGJm2BA:rBKE6LguFSYJA
Score

3^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2