amadey | 3ef1681624e23a371bfee14004c3dfcea33c2ce28cb51394d56e93fc085c5bd3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4400-32-0x0000000000920000-0x0000000000DB1000-memory.dmp
Size

4.6MB
Sample

241119-smaqpaxlf1
MD5

63a2a0a85617329a4480a3856868bc4a
SHA1

b9c0c294b08ae223a6a321b3e2c9121da059c7b6
SHA256

3ef1681624e23a371bfee14004c3dfcea33c2ce28cb51394d56e93fc085c5bd3
SHA512

6cc690a7af3c6c1a1596bf1420f8a6aee24382193988965cf2f45febddeff7c51820f10108449192e41d38cb659eb9f18f2e1d3cb9845c56e75986a9c13c488b
SSDEEP

98304:vV80x+HmqCOQnsWGG3E3BljXpAx90lYiIOqj01PtfxZXnf6MuHlS:vaPfAx90lYrjuPZxZCT

Score

10^/10

amadey 9c9aa5 trojan

Malware Config

Extracted

Family

amadey

Version

4.42

Botnet

9c9aa5

C2

http://185.215.113.43

Attributes

install_dir
abc3bc1985
install_file
skotes.exe
strings_key
8a35cf2ea38c2817dba29a4b5b25dcf0
url_paths
/Zu7JuNko/index.php

rc4.plain

Targets

- Target
  
  4400-32-0x0000000000920000-0x0000000000DB1000-memory.dmp
- Size
  
  4.6MB
- MD5
  
  63a2a0a85617329a4480a3856868bc4a
- SHA1
  
  b9c0c294b08ae223a6a321b3e2c9121da059c7b6
- SHA256
  
  3ef1681624e23a371bfee14004c3dfcea33c2ce28cb51394d56e93fc085c5bd3
- SHA512
  
  6cc690a7af3c6c1a1596bf1420f8a6aee24382193988965cf2f45febddeff7c51820f10108449192e41d38cb659eb9f18f2e1d3cb9845c56e75986a9c13c488b
- SSDEEP
  
  98304:vV80x+HmqCOQnsWGG3E3BljXpAx90lYiIOqj01PtfxZXnf6MuHlS:vaPfAx90lYrjuPZxZCT
Score

10^/10

amadey trojan
- Amadey
  Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
  trojan amadey
- Amadey family
  amadey
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2