General

  • Target

    2916-3-0x0000000000130000-0x00000000005DD000-memory.dmp

  • Size

    4.7MB

  • Sample

    240928-bytjhazejq

  • MD5

    f6afa67f0b53acc451025ebb8d2cbf14

  • SHA1

    853771e68f7aa5746eaa79235a5833fc4c85ff67

  • SHA256

    0f4a2724e4c9f6f36f4d63418a8aa8510b9b741f6a9f546def9be3d9a62c67cd

  • SHA512

    2f5216f0f894a71ede31fc5b5fea3662e423fe9651432d9e64d444c0132006d377e8a30eca66a6c19ca81b98190786913bcedb5f4a3f48ede8a76b84cf725b95

  • SSDEEP

    98304:dRZtky3CM6a+Qu8rOP4pNb9veqEpYKs6CtMQ+pfTo:dQ+O4fb9vREGhMb

Score
10/10

Malware Config

Extracted

Family

amadey

Version

4.41

Botnet

fed3aa

C2

http://185.215.113.16

Attributes
  • install_dir

    44111dbc49

  • install_file

    axplong.exe

  • strings_key

    8d0ad6945b1a30a186ec2d30be6db0b5

  • url_paths

    /Jo89Ku7d/index.php

rc4.plain

Targets

    • Target

      2916-3-0x0000000000130000-0x00000000005DD000-memory.dmp

    Score
    10/10
    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
