amadey | 2a4f6f53e01f9f9b73a96b41a05389fba5390c1597a1ec4726af53e47c1e5e67 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a4f6f53e01f9f9b73a96b41a05389fba5390c1597a1ec4726af53e47c1e5e67
Size

4.8MB
MD5

c4f01e92273ec24351a0ffde04cd7a74
SHA1

f4bc23f347cd09c836e66ab0683a13e3dcebf5fe
SHA256

2a4f6f53e01f9f9b73a96b41a05389fba5390c1597a1ec4726af53e47c1e5e67
SHA512

b1951f622d078c2f7368473759996a5134ff508f4897507fbde83a3c8dfdcc5f6cbf07ff3558104dde2f4ca8a2fd9fb723272f28c8430d6f869b4d571a720906
SSDEEP

3072:xq1Kbt5b/ZATD/5gFCPS+Uq80KwmXSTRAt949xzxGIWQzesyz/1wnZf8JmbuBjnp:Y1Kbt5ONUq80KwmX+A+Tlisc1wZIB

Score

10^/10

amadey

Malware Config

Signatures

Amadey family
amadey

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a4f6f53e01f9f9b73a96b41a05389fba5390c1597a1ec4726af53e47c1e5e67

Files

2a4f6f53e01f9f9b73a96b41a05389fba5390c1597a1ec4726af53e47c1e5e67
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 183KB - Virtual size: 416KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ysbzieoj
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zxuwvjyo
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE