Overview

overview

10

Static

static

10

2756-3-0x0...ry.exe

windows7-x64

10

2756-3-0x0...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2756-3-0x0000000000B60000-0x0000000001026000-memory.dmp

  • Size

    4.8MB

  • Sample

    241111-wtw42sslb1

  • MD5

    e25fd8838a793ee3a533e3d722f4db98

  • SHA1

    085feb647145a6d70ca47e3b2e2720ce1aacef03

  • SHA256

    560dd3e26c9893793fca44bf72cd9d620318eab0e71c56a3e14812f0978d1f72

  • SHA512

    2da6ad6f2292ae7094f2846a40449241b2c8dc40de1655a71d8d4312acf07ac55797b3f7e5b7a07e4a8c6b67c4aacca62262721d34a5c274563283685ecefe26

  • SSDEEP

    98304:4QKvlzNvmXzZtuYPapTKSsGUe4rwlGwI/3su5umz7AItMmPekuCyw:4Fe3S7Hzu5umz75GmGkFyw

Score
10/10
amadeyfed3aatrojan

Malware Config

Extracted

Family

amadey

Version

4.41

Botnet

fed3aa

C2

http://185.215.113.16

Attributes
  • install_dir

    44111dbc49

  • install_file

    axplong.exe

  • strings_key

    8d0ad6945b1a30a186ec2d30be6db0b5

  • url_paths

    /Jo89Ku7d/index.php

rc4.plain

Targets

    • Target

      2756-3-0x0000000000B60000-0x0000000001026000-memory.dmp

    • Size

      4.8MB

    • MD5

      e25fd8838a793ee3a533e3d722f4db98

    • SHA1

      085feb647145a6d70ca47e3b2e2720ce1aacef03

    • SHA256

      560dd3e26c9893793fca44bf72cd9d620318eab0e71c56a3e14812f0978d1f72

    • SHA512

      2da6ad6f2292ae7094f2846a40449241b2c8dc40de1655a71d8d4312acf07ac55797b3f7e5b7a07e4a8c6b67c4aacca62262721d34a5c274563283685ecefe26

    • SSDEEP

      98304:4QKvlzNvmXzZtuYPapTKSsGUe4rwlGwI/3su5umz7AItMmPekuCyw:4Fe3S7Hzu5umz75GmGkFyw

    Score
    10/10
    amadeytrojan

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

      trojanamadey

    • Amadey family

      amadey
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks