Extracted

• • Target

    3bf5cfd44aaff78c8d01a0eef87ed49d7971884ac990a4dcd653f186b9c05a87.exe

  • Size

    367KB

  • MD5

    b87f6c9394b7d10ccc8d5d19cc72d88e

  • SHA1

    412700f0a8aede47ea99d11bb12e47df628d529a

  • SHA256

    3bf5cfd44aaff78c8d01a0eef87ed49d7971884ac990a4dcd653f186b9c05a87

  • SHA512

    14f0f6a793e19f6133829af150248ab8594d710095c53f1d9ac855479be2bb7eb876a57291657cbd3adb1d0364d64154ad1e84cdc931618734b505f4141bbc62

  • SSDEEP

    3072:oi+QXwgl9vHPbhy6VYnH88eY/8Fcy5iThp+vbeNNGPcbYq/NFPYNwPFcq+bERhV5:olQXLP9PG1/S5KxNG81NFYqqq2EbzRf

  Score

  10^/10

  amadey8c4642discoverytrojan

  • Amadey

    Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

    trojanamadey

  • Amadey family

    amadey

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral2