Extracted

• • Target

    fec7590de20dc03464f8357e5a97b89b4a624570eb2327f6ca4623ca925fcb3a.exe

  • Size

    383KB

  • MD5

    fadce53b46151704d5689113280b2813

  • SHA1

    e20f02fdc0b7829ebc5942672e1b1442e65a056d

  • SHA256

    fec7590de20dc03464f8357e5a97b89b4a624570eb2327f6ca4623ca925fcb3a

  • SHA512

    fa0213d681dbbcb3e475844c6d77fd68fb3f0212673c8bcda2b266578973a8b87168eead019f6501715e2117bdf8f592137f5c050bab1e75d27e5e8e64a984e2

  • SSDEEP

    6144:1/AyOER4u8Lvj+9JNGoQGXZcnufnLPNJ5J1b59U9fBCmRJ:1/A5A4TLr+lG5wUqnLPn5Jt5aBbJ

  Score

  10^/10

  amadey8c4642discoverytrojan

  • Amadey

    Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

    trojanamadey

  • Amadey family

    amadey

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral2