Extracted

• • Target

    0eb71ab368a2c0d4185515a5f9aa1457c6ecaad066ad67ec7e6727e4aa8a76b8.exe

  • Size

    256KB

  • MD5

    745bccae46e39f3b911182718ffbecbe

  • SHA1

    70022ee1ff309cf610128b3ec3792bdcf0e1037e

  • SHA256

    0eb71ab368a2c0d4185515a5f9aa1457c6ecaad066ad67ec7e6727e4aa8a76b8

  • SHA512

    044c66dd6c16a19778225c83d80985dd54ec7bba8b54487a4d44bc0d599b15c9f6dea1d3e69962941c3d2c2416554fbd27e5d71dfbe84308195051dc12d1c5d0

  • SSDEEP

    3072:jvoS9frdq8kutjr792c6n2Ey8qVEs7SEg/J9DvPxqkf5fgKwYPDpJKJRfD/I:77Tzr0c6n2EyssGlRqagzYPDWJhg

  Score

  10^/10

  amadey8c4642discoverytrojan

  • Amadey

    Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

    trojanamadey

  • Amadey family

    amadey

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral2