Overview

overview

10

Static

static

10

1724-34-0x...ry.exe

windows7-x64

10

1724-34-0x...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1724-34-0x0000000000CC0000-0x0000000001194000-memory.dmp

  • Size

    4.8MB

  • Sample

    241118-pyxstaxcmm

  • MD5

    2dd1b613b3a27935d75e0f9dc0ba79d2

  • SHA1

    68599efe9d210bd848dfcf3e28a558269187cb9e

  • SHA256

    8f42f3ad36ec1e8e0580d435bed993a21d225411763e5a8213e86df37727a8cb

  • SHA512

    8fdbf43509544f97bfdc7dc930a416fe78c7fa25f4ac4496e33e530d9569734ea52a7f0b6d9513e2ca3584237c308cfd70382b4a6658dbccd35da70267bbf186

  • SSDEEP

    98304:cbRYfkVt7vl4XfpNrvys7jeRwEEtXcLsj8W90G:cVaxNrBjWwHtXasjReG

Score
10/10
amadey9c9aa5trojan

Malware Config

Extracted

Family

amadey

Version

4.42

Botnet

9c9aa5

C2

http://185.215.113.43

Attributes
  • install_dir

    abc3bc1985

  • install_file

    skotes.exe

  • strings_key

    8a35cf2ea38c2817dba29a4b5b25dcf0

  • url_paths

    /Zu7JuNko/index.php

rc4.plain

Targets

    • Target

      1724-34-0x0000000000CC0000-0x0000000001194000-memory.dmp

    • Size

      4.8MB

    • MD5

      2dd1b613b3a27935d75e0f9dc0ba79d2

    • SHA1

      68599efe9d210bd848dfcf3e28a558269187cb9e

    • SHA256

      8f42f3ad36ec1e8e0580d435bed993a21d225411763e5a8213e86df37727a8cb

    • SHA512

      8fdbf43509544f97bfdc7dc930a416fe78c7fa25f4ac4496e33e530d9569734ea52a7f0b6d9513e2ca3584237c308cfd70382b4a6658dbccd35da70267bbf186

    • SSDEEP

      98304:cbRYfkVt7vl4XfpNrvys7jeRwEEtXcLsj8W90G:cVaxNrBjWwHtXasjReG

    Score
    10/10
    amadeytrojan

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

      trojanamadey

    • Amadey family

      amadey
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks