Extracted

• • Target

    484da973a879dcbd320a836341798d7e3aab0480cc18470531ab17e82393d5d7.exe

  • Size

    256KB

  • MD5

    d0eb0456e1750bf315246230c9c592d4

  • SHA1

    f1d49def7bb6925d46ca4fe088167f1b8eb85dbc

  • SHA256

    484da973a879dcbd320a836341798d7e3aab0480cc18470531ab17e82393d5d7

  • SHA512

    71086d1aad2aeaa7be5f9b681449256a427fa02c063a6e0884e21ae38b1a6ac781856949d75db2852f3c9b8b55f7340e174f8a83ff90cf49eb5dac61bc23c0bb

  • SSDEEP

    3072:iX5YwxA0Dxx5TscWERNMtiAncRWhJX2NGx93PQUT2964GKsR5bEXhlBjk4/oweF:ipYJCx5g8MtiWYN89W8UcEXhfg4/veF

  Score

  10^/10

  amadey8c4642discoverytrojan

  • Amadey

    Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

    trojanamadey

  • Amadey family

    amadey

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral2