amadey | e7ea8c61b87c4e54af22b1d0e7868c36cb01522e86277091a6c0075db413e5b1 | Triage

Sharing

General

Target

e7ea8c61b87c4e54af22b1d0e7868c36cb01522e86277091a6c0075db413e5b1
Size

4.7MB
MD5

3ed789427b83d8aa519546184aeaced7
SHA1

23263900c499087dcf49dd7e1a9b264a75ff5273
SHA256

e7ea8c61b87c4e54af22b1d0e7868c36cb01522e86277091a6c0075db413e5b1
SHA512

39ac076da4d8f0a2a1b7ee7c9c47d847d3efcf81c170040f8c162016d22b27db0bbb917734958cc26a2f957f18a0f2c4207ef582c23d2b8053724f1ca790a635
SSDEEP

12288:/0/sS+9cn+TnWTcT5WHo5T+BAhu+2vHb/xirp2mVUEsqzhe/nKzhqz:IKcn+TnGcl3TPEb/orp2blKz

Score

10^/10

amadey

Malware Config

Signatures

Amadey family
amadey

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e7ea8c61b87c4e54af22b1d0e7868c36cb01522e86277091a6c0075db413e5b1

Files

e7ea8c61b87c4e54af22b1d0e7868c36cb01522e86277091a6c0075db413e5b1
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 183KB - Virtual size: 416KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

igqxfioh
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cvdqgxbk
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE