andromeda | 075381126c57e7474ae8c15ed6aaac7bc6f159ce12696a56c474df5ddc596277 | Triage

Submit
Reports

Overview

overview

Static

static

075381126c...7N.exe

windows7-x64

075381126c...7N.exe

windows10-2004-x64

Sharing

General

Target

075381126c57e7474ae8c15ed6aaac7bc6f159ce12696a56c474df5ddc596277N
Size

36KB
Sample

241001-esslsstgrb
MD5

f7e22f0494c3dbb27fe5bacbb0ae2c90
SHA1

fb25b3d76462bbb62d9429dc9bb4e5c85db00ffe
SHA256

075381126c57e7474ae8c15ed6aaac7bc6f159ce12696a56c474df5ddc596277
SHA512

322a1ee7634579103dfaf1d106900abcd47570784b93ead0787630659ba7460f7e95798ebcb254c19639c0beb0b131fb0d8ca7f549697e18bef9dee24a89fd08
SSDEEP

384:PWyTPcNLdwHyYgdi9NaJhuB/l/FkBgmVZ6X:+aPc5BdiEIFYKmV

Score

10^/10

andromeda backdoor botnet discovery

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

075381126c57e7474ae8c15ed6aaac7bc6f159ce12696a56c474df5ddc596277N.exe

Resource

win7-20240708-en

andromeda backdoor botnet discovery

windows7-x64

5 signatures

120 seconds

Behavioral task

behavioral2

Sample

075381126c57e7474ae8c15ed6aaac7bc6f159ce12696a56c474df5ddc596277N.exe

Resource

win10v2004-20240802-en

andromeda backdoor botnet discovery

windows10-2004-x64

4 signatures

120 seconds

Malware Config

Targets

- Target
  
  075381126c57e7474ae8c15ed6aaac7bc6f159ce12696a56c474df5ddc596277N
- Size
  
  36KB
- MD5
  
  f7e22f0494c3dbb27fe5bacbb0ae2c90
- SHA1
  
  fb25b3d76462bbb62d9429dc9bb4e5c85db00ffe
- SHA256
  
  075381126c57e7474ae8c15ed6aaac7bc6f159ce12696a56c474df5ddc596277
- SHA512
  
  322a1ee7634579103dfaf1d106900abcd47570784b93ead0787630659ba7460f7e95798ebcb254c19639c0beb0b131fb0d8ca7f549697e18bef9dee24a89fd08
- SSDEEP
  
  384:PWyTPcNLdwHyYgdi9NaJhuB/l/FkBgmVZ6X:+aPc5BdiEIFYKmV
Score

10^/10

andromeda backdoor botnet discovery
- Andromeda, Gamarue
  Andromeda, also known as Gamarue, is a modular botnet malware primarily used for distributing other types of malware and it's written in C++.
  botnet backdoor andromeda
- Detects Andromeda payload.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

andromedabackdoorbotnetdiscovery

behavioral2

andromedabackdoorbotnetdiscovery

© 2018-2024

Terms | Privacy