Extracted

• • Target

    cdbde33d9ba5022c7962289d279c308de0d7e94b746d6a40d6d5f89d21c010cb.exe

  • Size

    256KB

  • MD5

    504b341a1a47cd0efe3138655c8652a4

  • SHA1

    6b21d347050e103bdc89e3ac42be3b69cf5c8d2f

  • SHA256

    cdbde33d9ba5022c7962289d279c308de0d7e94b746d6a40d6d5f89d21c010cb

  • SHA512

    0d0109e990e253e0be381831988b2e73d1a031bc8aea38685c229de3ce893844a8f113c0e98e41c9e8dbb0bded4e9b8084216724b7d9e5964293f0dc6a0258a2

  • SSDEEP

    3072:fdg2WfgUqxS+dWIMOfdMsdmAYTH/lrsI3tbpxFTY5n5hwYPDpJKJRf8E:1btUstdWROAOI9bpxZGQYPDWJt

  Score

  10^/10

  amadey8c4642discoverytrojan

  • Amadey

    Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

    trojanamadey

  • Amadey family

    amadey

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral2