amadey | fcae30a2c7d0260eb517d6fe624904b730fc6526bf7faf97d7f6ed92bc7cd1cd | Triage

Sharing

General

Target

fcae30a2c7d0260eb517d6fe624904b730fc6526bf7faf97d7f6ed92bc7cd1cdN.exe
Size

204KB
Sample

241120-djsd1ayqd1
MD5

5c96d8363322d93f6fcf5634ab55e080
SHA1

cfff9854e42fc8ed59e04d83d7a0bd7d9e6ba49b
SHA256

fcae30a2c7d0260eb517d6fe624904b730fc6526bf7faf97d7f6ed92bc7cd1cd
SHA512

eda8ba77999cd4fc630ae89dcafdce110543d35524bc57ba920768987221cf4fce7c227c09d2cfdee0852be300631ce1de63da21cdde09b34046d84d94b509cf
SSDEEP

3072:c/frTDzurT1S3CzpdmnATE55zjExkKGruONMvhu5QTX9eJX2vkMfx/PwU:Wfrnzurs3Czpexj2kGOIu5QT4JMZQ

Score

10^/10

amadey 9c0adb discovery

Malware Config

Extracted

Family

amadey

Version

3.80

Botnet

9c0adb

C2

http://193.3.19.154

Attributes

install_dir
cb7ae701b3
install_file
oneetx.exe
strings_key
23b27c80db2465a8e1dc15491b69b82f
url_paths
/store/games/index.php

rc4.plain

Targets

- Target
  
  fcae30a2c7d0260eb517d6fe624904b730fc6526bf7faf97d7f6ed92bc7cd1cdN.exe
- Size
  
  204KB
- MD5
  
  5c96d8363322d93f6fcf5634ab55e080
- SHA1
  
  cfff9854e42fc8ed59e04d83d7a0bd7d9e6ba49b
- SHA256
  
  fcae30a2c7d0260eb517d6fe624904b730fc6526bf7faf97d7f6ed92bc7cd1cd
- SHA512
  
  eda8ba77999cd4fc630ae89dcafdce110543d35524bc57ba920768987221cf4fce7c227c09d2cfdee0852be300631ce1de63da21cdde09b34046d84d94b509cf
- SSDEEP
  
  3072:c/frTDzurT1S3CzpdmnATE55zjExkKGruONMvhu5QTX9eJX2vkMfx/PwU:Wfrnzurs3Czpexj2kGOIu5QT4JMZQ
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2