General

  • Target

    3accafa6ef42df81f7735a885e3a767aef6ce33e21a56b1b88012120d0b1f381N.exe

  • Size

    209KB

  • MD5

    4fe19c2fa04912e5f014563dfbc74800

  • SHA1

    7b719de8a3cbf8a5dd0a4972d8b7b1a44bb56342

  • SHA256

    3accafa6ef42df81f7735a885e3a767aef6ce33e21a56b1b88012120d0b1f381

  • SHA512

    8937e6451bc9b4680b772b1f278da1dd2d1bf04120773ddcea982942aafa345c2c575528c2c7d444342dc15c7147162553308b90abd4b0f8d1fb85853ae198dd

  • SSDEEP

    3072:mhMCsw9/w+A4cwP+5OzutpHKGruONM4QuZA+67bi83eILfbq5kmh:5Cswq+AXYu7HGOSuZAlAILjq

Score
10/10

Malware Config

Extracted

Family

amadey

Version

3.81

Botnet

f9a925

C2

http://77.91.124.20

Attributes
  • install_dir

    c3912af058

  • install_file

    oneetx.exe

  • strings_key

    0504ce46646b0dc397a3c30d6692ec75

  • url_paths

    /store/games/index.php

rc4.plain

Signatures

  • Amadey family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 3accafa6ef42df81f7735a885e3a767aef6ce33e21a56b1b88012120d0b1f381N.exe
    .exe windows:6 windows x86 arch:x86

    f8cc61ade86cb7277d0ab974de6323cb

