Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

fb9187c149...89.exe

windows7-x64

10

fb9187c149...89.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fb9187c149528468a82c95ce22cdcc89.exe

  • Size

    394KB

  • Sample

    240607-edw1nshb8v

  • MD5

    fb9187c149528468a82c95ce22cdcc89

  • SHA1

    1b119e90d3c281357fcaa57a48ae62498b423a45

  • SHA256

    6ea1b7fc2afd69e401cf82a20c32a800a18bcfd16f29926d6660df7c271fdff4

  • SHA512

    a89f27c6510046aa3dc88b2a0268077a060c7bf04cac0e49c6666144d8d861067ff33bd5142896a9fd8ec5669271db7c9e78db91b4eb123b73edc184a6cc50be

  • SSDEEP

    6144:ulue+pRC5/Stc0+f7W0Q+3ag8s07pHepb9RiPY0BBrz+wyjTxxsDhkfC9JkCyuT:RjpRCprlQ+qqpbbig0nv+wc/GWW

Score
10/10
amadey8fc809trojan

Malware Config

Extracted

Family

amadey

Version

4.19

Botnet

8fc809

C2

http://nudump.com

http://otyt.ru

http://selltix.org
Attributes
  • install_dir

    b739b37d80

  • install_file

    Dctooux.exe

  • strings_key

    65bac8d4c26069c29f1fd276f7af33f3

  • url_paths

    /forum/index.php

    /forum2/index.php

    /forum3/index.php

rc4.plain

Targets

    • Target

      fb9187c149528468a82c95ce22cdcc89.exe

    • Size

      394KB

    • MD5

      fb9187c149528468a82c95ce22cdcc89

    • SHA1

      1b119e90d3c281357fcaa57a48ae62498b423a45

    • SHA256

      6ea1b7fc2afd69e401cf82a20c32a800a18bcfd16f29926d6660df7c271fdff4

    • SHA512

      a89f27c6510046aa3dc88b2a0268077a060c7bf04cac0e49c6666144d8d861067ff33bd5142896a9fd8ec5669271db7c9e78db91b4eb123b73edc184a6cc50be

    • SSDEEP

      6144:ulue+pRC5/Stc0+f7W0Q+3ag8s07pHepb9RiPY0BBrz+wyjTxxsDhkfC9JkCyuT:RjpRCprlQ+qqpbbig0nv+wc/GWW

    Score
    10/10
    amadey8fc809trojan

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

      trojanamadey

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks