General

  • Target

    2432-3-0x00000000002F0000-0x00000000007BD000-memory.dmp

  • Size

    4.8MB

  • Sample

    240926-p38qwaxhkr

  • MD5

    9071a3a192f36e06cc9ad7a3bd3ca99f

  • SHA1

    ce62aa7c65d52ae304b4b2f56fec91f31dd17eab

  • SHA256

    9c631575520f52d7f1fe78341d9314c53b9fed678ce789c83261b179ba788a77

  • SHA512

    df0b4b46771040d0a01f70c256cd42fc90c425269f6f363fad8f67d46e92fbae0a03b35ae16b0703d2c887832f15a292cb3e57020d256be7cb4670bc63471d46

  • SSDEEP

    98304:vkyB4VsPZpmOqs2ySieyM+xv7CrtPI2dXBYiCkIkmswE3v:vEFieyM+xv7CJPXXBYW/

Score
10/10

Malware Config

Extracted

Family

amadey

Version

4.41

Botnet

fed3aa

C2

http://185.215.113.16

Attributes
  • install_dir

    44111dbc49

  • install_file

    axplong.exe

  • strings_key

    8d0ad6945b1a30a186ec2d30be6db0b5

  • url_paths

    /Jo89Ku7d/index.php

rc4.plain

Targets

    • Target

      2432-3-0x00000000002F0000-0x00000000007BD000-memory.dmp

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
