amadey | 01ca8dff8cc71d553987e027de4e7b640bc4a9c2bb74cd23d54d8688570c72ec | Triage

Sharing

General

Target

2124-3-0x0000000000B50000-0x0000000001019000-memory.dmp
Size

4.8MB
Sample

241118-phstxswlgt
MD5

cbf947e3c67f70372d59c188a1d3daa4
SHA1

edcd7ce1671b9e29dad50db3e96f67adcd543ab2
SHA256

01ca8dff8cc71d553987e027de4e7b640bc4a9c2bb74cd23d54d8688570c72ec
SHA512

c8ae6505a759745a8c617b8fe7edf3b2c1bd4f04356f732b365d4777dffda30542a7223a25c0cfc9c414bbff8d77bfcc5d2876dbae262295054a9ca7ef33996f
SSDEEP

98304:7uY+ya4LMWjpPk0ZN9n5/W4gEHmUrNKGvXS9BktrJ24jP:71xqqS9BktrJ2EP

Score

10^/10

amadey 9c9aa5 trojan

Malware Config

Extracted

Family

amadey

Version

4.42

Botnet

9c9aa5

C2

http://185.215.113.43

Attributes

install_dir
abc3bc1985
install_file
skotes.exe
strings_key
8a35cf2ea38c2817dba29a4b5b25dcf0
url_paths
/Zu7JuNko/index.php

rc4.plain

Targets

- Target
  
  2124-3-0x0000000000B50000-0x0000000001019000-memory.dmp
- Size
  
  4.8MB
- MD5
  
  cbf947e3c67f70372d59c188a1d3daa4
- SHA1
  
  edcd7ce1671b9e29dad50db3e96f67adcd543ab2
- SHA256
  
  01ca8dff8cc71d553987e027de4e7b640bc4a9c2bb74cd23d54d8688570c72ec
- SHA512
  
  c8ae6505a759745a8c617b8fe7edf3b2c1bd4f04356f732b365d4777dffda30542a7223a25c0cfc9c414bbff8d77bfcc5d2876dbae262295054a9ca7ef33996f
- SSDEEP
  
  98304:7uY+ya4LMWjpPk0ZN9n5/W4gEHmUrNKGvXS9BktrJ24jP:71xqqS9BktrJ2EP
Score

10^/10

amadey trojan
- Amadey
  Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
  trojan amadey
- Amadey family
  amadey
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2