General

  • Target

    e0f8ee1495fa6f6f9545eb5be19ec0c594cccf865229a1d55630fb8625968f46

  • Size

    577KB

  • Sample

    241110-d56hraygka

  • MD5

    c210fe2b86a9c30d4cb92d8474c3035e

  • SHA1

    7645daff331064196a34fc260392c1a54d02024b

  • SHA256

    e0f8ee1495fa6f6f9545eb5be19ec0c594cccf865229a1d55630fb8625968f46

  • SHA512

    d1b689ac6245679aae2cdabd12d67031db7f3cf8a5d6ffd50e216d0c5adbb93d4ab631ff2bba73d9c0fe18ac791a8671a933b2dd1de6ee4b96833902a4f297d2

  • SSDEEP

    6144:/6p0yN90QE3L1zqs6oNjj8bVO2T4bTHnLexsN2eiwftBs1J2UNm8yFwiU7tBa+Wl:Ty90nz5dXX2cjex+fta1ZCw3t0eDGRj

Malware Config

Extracted

Family

amadey

Version

3.80

Botnet

9c0adb

C2

http://193.3.19.154

Attributes

  • install_dir

    cb7ae701b3

  • install_file

    oneetx.exe

  • strings_key

    23b27c80db2465a8e1dc15491b69b82f

  • url_paths

    /store/games/index.php

  • rc4.plain

Targets

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

    • Amadey family

    • Detects Healer, an antivirus disabler dropper

    • Healer

      Healer is an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks