Overview

overview

10

Static

static

10

1628-79-0x...ry.exe

windows7-x64

10

1628-79-0x...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1628-79-0x0000000000A50000-0x0000000000F06000-memory.dmp

  • Size

    4.7MB

  • Sample

    241122-wgts6a1ldq

  • MD5

    3a3390ff60db4a44b41dc22e0b4bd9a2

  • SHA1

    da108d10ed19b6abd8ca74d5fb78d7a73aeea2cc

  • SHA256

    319bf01d2793a893cc216978c9a094684eee142e8dec48b9fef3c032ebecf604

  • SHA512

    e11c68781bbf6213b729fff333780c60d5e2eaa1fc08d99c6cb7fe85da347c2e8f0f06c7710f66f9060c80ffbc676e48861dffe885bb3aa49db9855d26696512

  • SSDEEP

    98304:T7yf7wcIfjyy6/MSQJCOjF/jzsxSJEtG2mV4y+rlDqGElX:Trc3+/jw48GwNdnEl

Score
10/10
amadey4dd39dtrojan

Malware Config

Extracted

Family

amadey

Version

4.30

Botnet

4dd39d

C2

http://77.91.77.82

Attributes
  • install_dir

    ad40971b6b

  • install_file

    explorti.exe

  • strings_key

    a434973ad22def7137dbb5e059b7081e

  • url_paths

    /Hun4Ko/index.php

rc4.plain

Targets

    • Target

      1628-79-0x0000000000A50000-0x0000000000F06000-memory.dmp

    • Size

      4.7MB

    • MD5

      3a3390ff60db4a44b41dc22e0b4bd9a2

    • SHA1

      da108d10ed19b6abd8ca74d5fb78d7a73aeea2cc

    • SHA256

      319bf01d2793a893cc216978c9a094684eee142e8dec48b9fef3c032ebecf604

    • SHA512

      e11c68781bbf6213b729fff333780c60d5e2eaa1fc08d99c6cb7fe85da347c2e8f0f06c7710f66f9060c80ffbc676e48861dffe885bb3aa49db9855d26696512

    • SSDEEP

      98304:T7yf7wcIfjyy6/MSQJCOjF/jzsxSJEtG2mV4y+rlDqGElX:Trc3+/jw48GwNdnEl

    Score
    10/10
    amadeytrojan

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

      trojanamadey

    • Amadey family

      amadey
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks