Overview

overview

10

Static

static

10

3440-34-0x...ry.exe

windows7-x64

10

3440-34-0x...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3440-34-0x0000000000210000-0x00000000006CC000-memory.dmp

  • Size

    4.7MB

  • Sample

    241118-qhnewaxjgt

  • MD5

    3fdd37292802a2eff7b3d668834a6a94

  • SHA1

    7b6b54c3a5290e3a251aed0c63f0dc6138a6c315

  • SHA256

    74b3def85b9d35a7f7eadae36ddfa49bc524339f22852a4f90d49e7bf3423e74

  • SHA512

    79efcb3c81a754c78fb6f5730e1f2a54b6d0cea166a8d96c15692981cc4e933af74f91488aa36181d5f8a65c06afa0205469b623d37e883c1a9c76517cceb574

  • SSDEEP

    98304:x0/cm5sF5Nt62UVRo+kKm4D5UTtVIJGaM2Ds/DGA5OYd+X:x4+tVIwbAAsv

Score
10/10
amadey9c9aa5trojan

Malware Config

Extracted

Family

amadey

Version

4.42

Botnet

9c9aa5

C2

http://185.215.113.43

Attributes
  • install_dir

    abc3bc1985

  • install_file

    skotes.exe

  • strings_key

    8a35cf2ea38c2817dba29a4b5b25dcf0

  • url_paths

    /Zu7JuNko/index.php

rc4.plain

Targets

    • Target

      3440-34-0x0000000000210000-0x00000000006CC000-memory.dmp

    • Size

      4.7MB

    • MD5

      3fdd37292802a2eff7b3d668834a6a94

    • SHA1

      7b6b54c3a5290e3a251aed0c63f0dc6138a6c315

    • SHA256

      74b3def85b9d35a7f7eadae36ddfa49bc524339f22852a4f90d49e7bf3423e74

    • SHA512

      79efcb3c81a754c78fb6f5730e1f2a54b6d0cea166a8d96c15692981cc4e933af74f91488aa36181d5f8a65c06afa0205469b623d37e883c1a9c76517cceb574

    • SSDEEP

      98304:x0/cm5sF5Nt62UVRo+kKm4D5UTtVIJGaM2Ds/DGA5OYd+X:x4+tVIwbAAsv

    Score
    10/10
    amadeytrojan

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

      trojanamadey

    • Amadey family

      amadey
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks