amadey | 9edbda88dd66c2458a6f9a7e38826d31662dc717a8c60d803d4f25b1261c3834 | Triage

Sharing

General

Target

2220-3-0x0000000000400000-0x000000000047A000-memory.dmp
Size

488KB
Sample

240526-vlvetaec69
MD5

2bd999bbddf38d7b822dcf6ae56474eb
SHA1

975ee0bd5b13dc4d64935fa77446f041cf5abbae
SHA256

9edbda88dd66c2458a6f9a7e38826d31662dc717a8c60d803d4f25b1261c3834
SHA512

701d97e3f37ff4cb6a319e2af1e6d20d1d2b448ac30856a5a8533c4e11ddbebedb7c51548bec6664c933a357a1ca2755eb7cf37346dc250790439c270800c40d
SSDEEP

12288:yfmHH7GF8M7ExxliV0LGYZmzpumexZpYK:y47GF88EbnLtMEZpYK

Score

10^/10

amadey a899e0

Malware Config

Extracted

Family

amadey

Version

4.14

Botnet

a899e0

C2

http://anfesq.com

http://cbinr.com

http://rimakc.ru

Attributes

install_dir
68fd3d7ade
install_file
Utsysc.exe
strings_key
27ec7fd6f50f63b8af0c1d3deefcc8fe
url_paths
/forum/index.php

rc4.plain

Targets

- Target
  
  2220-3-0x0000000000400000-0x000000000047A000-memory.dmp
- Size
  
  488KB
- MD5
  
  2bd999bbddf38d7b822dcf6ae56474eb
- SHA1
  
  975ee0bd5b13dc4d64935fa77446f041cf5abbae
- SHA256
  
  9edbda88dd66c2458a6f9a7e38826d31662dc717a8c60d803d4f25b1261c3834
- SHA512
  
  701d97e3f37ff4cb6a319e2af1e6d20d1d2b448ac30856a5a8533c4e11ddbebedb7c51548bec6664c933a357a1ca2755eb7cf37346dc250790439c270800c40d
- SSDEEP
  
  12288:yfmHH7GF8M7ExxliV0LGYZmzpumexZpYK:y47GF88EbnLtMEZpYK
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2