amadey | d55f88782d064395da4df135fecb69b4923fb5dd3e29abda22a61bfe73806d47 | Triage

Sharing

General

Target

d55f88782d064395da4df135fecb69b4923fb5dd3e29abda22a61bfe73806d47
Size

236KB
Sample

240526-d1keqadh99
MD5

3d0744b8a5f48e8394218ae90b025180
SHA1

63992493fc30e1262e9827096128aab42aca5280
SHA256

d55f88782d064395da4df135fecb69b4923fb5dd3e29abda22a61bfe73806d47
SHA512

03561af742c1cbb7d3a32760f92b7dec41406eafcd7851a56d0dd98899aa8d3d06ef5ad2eebbef967d1d887fc017d24a33627a7877b445135305307ed005dcd2
SSDEEP

6144:bMwVoejm5JJw20a1bfjVEmAuVy13Ngsk8TH:bp7Za5VsuVy5N9

Score

10^/10

amadey 8355e6

Malware Config

Extracted

Family

amadey

Version

3.66

Botnet

8355e6

C2

http://193.233.20.2

Attributes

install_dir
4b9a106e76
install_file
mnolyk.exe
strings_key
20e23f505be2f1c9dbe395f951ed29fb
url_paths
/Bn89hku/index.php

rc4.plain

Targets

- Target
  
  d55f88782d064395da4df135fecb69b4923fb5dd3e29abda22a61bfe73806d47
- Size
  
  236KB
- MD5
  
  3d0744b8a5f48e8394218ae90b025180
- SHA1
  
  63992493fc30e1262e9827096128aab42aca5280
- SHA256
  
  d55f88782d064395da4df135fecb69b4923fb5dd3e29abda22a61bfe73806d47
- SHA512
  
  03561af742c1cbb7d3a32760f92b7dec41406eafcd7851a56d0dd98899aa8d3d06ef5ad2eebbef967d1d887fc017d24a33627a7877b445135305307ed005dcd2
- SSDEEP
  
  6144:bMwVoejm5JJw20a1bfjVEmAuVy13Ngsk8TH:bp7Za5VsuVy5N9
Score

3^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2