Extracted

• • Target

    d720e490e7c2a7f3949cec7c19691a6faa83661f8e7b563518a6ca1f66154793

  • Size

    255KB

  • MD5

    57e33ea7348be5d6b1b26b0e286e7da0

  • SHA1

    af47dea28e058145a9bc8e80225e843fe2ae8c27

  • SHA256

    d720e490e7c2a7f3949cec7c19691a6faa83661f8e7b563518a6ca1f66154793

  • SHA512

    27e9fb03e6cdbdc6e30573571f7c874660c3590b150125d1ec8b27f823c48f122651d4cb4a19a9c87c33cde80379c1594167471f33dab8ae6108ca69eeae6fb3

  • SSDEEP

    3072:xoq86TzW4pT3MVD1OtqQjJouL7ukm5rvuFwYPDpJKJRf:eq7+qTIDwtq0JozLvuSYPDWJ

  Score

  10^/10

  amadey8c4642discoverytrojan

  • Amadey

    Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

    trojanamadey

  • Amadey family

    amadey

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral2