Overview

overview

10

Static

static

10

1184-33-0x...ry.exe

windows7-x64

10

1184-33-0x...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1184-33-0x00000000000E0000-0x00000000005B2000-memory.dmp

  • Size

    4.8MB

  • Sample

    241118-rc975axhjf

  • MD5

    75491d0ad154f7d0961442823241d2b3

  • SHA1

    8059d1a7077f50d86d83e9e2c0d63529169b0fe9

  • SHA256

    60ed7d77dee400d0944f75dcb82a712603454007335fbc690c4ee069729f7df4

  • SHA512

    5260bfdc4c9ee1b3b60b7d4bf180a1c0a7d4700ac5e22907360271000d02259f794d3de8b316d0b52441812e7d52d87408063cf9f7e37c04ee57f15372a15866

  • SSDEEP

    98304:AG6E1eDnugaztfQ3eVYByVJle84JzWEy2HMoL6upZUw7QWMX78G0jK:ANTgD2Wf2soL6u/UwswG

Score
10/10
amadey9c9aa5trojan

Malware Config

Extracted

Family

amadey

Version

4.42

Botnet

9c9aa5

C2

http://185.215.113.43

Attributes
  • install_dir

    abc3bc1985

  • install_file

    skotes.exe

  • strings_key

    8a35cf2ea38c2817dba29a4b5b25dcf0

  • url_paths

    /Zu7JuNko/index.php

rc4.plain

Targets

    • Target

      1184-33-0x00000000000E0000-0x00000000005B2000-memory.dmp

    • Size

      4.8MB

    • MD5

      75491d0ad154f7d0961442823241d2b3

    • SHA1

      8059d1a7077f50d86d83e9e2c0d63529169b0fe9

    • SHA256

      60ed7d77dee400d0944f75dcb82a712603454007335fbc690c4ee069729f7df4

    • SHA512

      5260bfdc4c9ee1b3b60b7d4bf180a1c0a7d4700ac5e22907360271000d02259f794d3de8b316d0b52441812e7d52d87408063cf9f7e37c04ee57f15372a15866

    • SSDEEP

      98304:AG6E1eDnugaztfQ3eVYByVJle84JzWEy2HMoL6upZUw7QWMX78G0jK:ANTgD2Wf2soL6u/UwswG

    Score
    10/10
    amadeytrojan

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

      trojanamadey

    • Amadey family

      amadey
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks