amadey | 198c53543dd959762b7abe1df9855b4d00194469630efad27d4fb9088fe56332 | Triage

Sharing

General

Target

2332-3-0x0000000000EA0000-0x000000000133D000-memory.dmp
Size

4.6MB
Sample

241121-277etswqhr
MD5

e90461b3b81af9fbb911defc96209642
SHA1

6c1db709c9b8a0857470135f8e0d16bb5f72018d
SHA256

198c53543dd959762b7abe1df9855b4d00194469630efad27d4fb9088fe56332
SHA512

aa65a890a1643c080d5a49d80e7d9f8a7dd08b870d4f2993eecd62fb15008d4724e75e7bc7330d673c97793c5b0e12dc9248d105ecdc592d08c970f68aefeac9
SSDEEP

98304:A2J8pv/Z6Aa4rjc+C/fw51iYRX7lfSDfUHwrodAR2u5F:Ahk/fOc8Mqwronu

Score

10^/10

amadey 9c9aa5 trojan

Malware Config

Extracted

Family

amadey

Version

4.42

Botnet

9c9aa5

C2

http://185.215.113.43

Attributes

install_dir
abc3bc1985
install_file
skotes.exe
strings_key
8a35cf2ea38c2817dba29a4b5b25dcf0
url_paths
/Zu7JuNko/index.php

rc4.plain

Targets

- Target
  
  2332-3-0x0000000000EA0000-0x000000000133D000-memory.dmp
- Size
  
  4.6MB
- MD5
  
  e90461b3b81af9fbb911defc96209642
- SHA1
  
  6c1db709c9b8a0857470135f8e0d16bb5f72018d
- SHA256
  
  198c53543dd959762b7abe1df9855b4d00194469630efad27d4fb9088fe56332
- SHA512
  
  aa65a890a1643c080d5a49d80e7d9f8a7dd08b870d4f2993eecd62fb15008d4724e75e7bc7330d673c97793c5b0e12dc9248d105ecdc592d08c970f68aefeac9
- SSDEEP
  
  98304:A2J8pv/Z6Aa4rjc+C/fw51iYRX7lfSDfUHwrodAR2u5F:Ahk/fOc8Mqwronu
Score

10^/10

amadey trojan
- Amadey
  Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
  trojan amadey
- Amadey family
  amadey
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2