Overview

overview

10

Static

static

10

5036-3-0x0...ry.exe

windows7-x64

10

5036-3-0x0...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5036-3-0x0000000000BA0000-0x0000000001053000-memory.dmp

  • Size

    4.7MB

  • Sample

    241122-t6rnzstraw

  • MD5

    4e2259ba878e10be8bb4099354739399

  • SHA1

    2ab28a352dae1b2cfb9fc285195b4a0a194cbd79

  • SHA256

    ce17a0ad52a337b508951c30c255b51babef379c2e5d1c6f243f1392f2286e86

  • SHA512

    7f6b657ac7355958e33015d5546bc0f295712aac4be0feaddbf39a149b497153f0f1e5b2d0e7a7d3b1fc6b61bbae2e42765fdcedbe8b565a86847ecbd37cc912

  • SSDEEP

    98304:jJITwM45OFX1ZA1gE30JEsXT28+v0me0Ojo:jaAxEJEU28jmO8

Score
10/10
amadey4dd39dtrojan

Malware Config

Extracted

Family

amadey

Version

4.30

Botnet

4dd39d

C2

http://77.91.77.82

Attributes
  • install_dir

    ad40971b6b

  • install_file

    explorti.exe

  • strings_key

    a434973ad22def7137dbb5e059b7081e

  • url_paths

    /Hun4Ko/index.php

rc4.plain

Targets

    • Target

      5036-3-0x0000000000BA0000-0x0000000001053000-memory.dmp

    • Size

      4.7MB

    • MD5

      4e2259ba878e10be8bb4099354739399

    • SHA1

      2ab28a352dae1b2cfb9fc285195b4a0a194cbd79

    • SHA256

      ce17a0ad52a337b508951c30c255b51babef379c2e5d1c6f243f1392f2286e86

    • SHA512

      7f6b657ac7355958e33015d5546bc0f295712aac4be0feaddbf39a149b497153f0f1e5b2d0e7a7d3b1fc6b61bbae2e42765fdcedbe8b565a86847ecbd37cc912

    • SSDEEP

      98304:jJITwM45OFX1ZA1gE30JEsXT28+v0me0Ojo:jaAxEJEU28jmO8

    Score
    10/10
    amadeytrojan

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

      trojanamadey

    • Amadey family

      amadey
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks