General

  • Target

    3060-96-0x0000000000540000-0x0000000000A09000-memory.dmp

  • Size

    4.8MB

  • Sample

    240705-prjmlsybrm

  • MD5

    6d9013910a81bd3b24ddb6793c8c476e

  • SHA1

    27dae94981deb54debd468d0df2961b567cbf5b9

  • SHA256

    381b41a298173308ad5088f13e748515d451bf006a5ad46823062027ffd2eac8

  • SHA512

    4e57a77495ae15e153d08d94c41a4eaaff45b18f5cc2be64cce5f8eb7836bf980b88083df3c39b5b3ca697f42a152459f1e48dcb8e52af5cfbf1c451ca626a81

  • SSDEEP

    98304:tZOCm5mKLBZW12DEvzjYen6LXGSGRWbuowy:tkw1PjHn6hsWbfw

Score
10/10

Malware Config

Extracted

Family

amadey

Version

4.30

Botnet

4dd39d

C2

http://77.91.77.82

Attributes
  • install_dir

    ad40971b6b

  • install_file

    explorti.exe

  • strings_key

    a434973ad22def7137dbb5e059b7081e

  • url_paths

    /Hun4Ko/index.php

rc4.plain

Targets

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
