amadey | 86de27188041f0452250f7bbfdc564544645fd33c9715c5de3485ed8d2061f0b | Triage

Sharing

General

Target

2368-3-0x0000000000860000-0x0000000000D25000-memory.dmp
Size

4.8MB
Sample

241124-nqwp4stpal
MD5

cb94288e3e7dbca48567fce0a25e008e
SHA1

938837e2ef4b5faf6e73b12bce5d2ae76492ebd1
SHA256

86de27188041f0452250f7bbfdc564544645fd33c9715c5de3485ed8d2061f0b
SHA512

59fb874ad4c4a01c35c3ca64bfbda7348c114f063f4cd4d0be936014f080360ab81ae05d3204dd25a1ec00046cecc5602f5756dfc832ad0ebba313dc3d0042e6
SSDEEP

98304:usONNm7PT4Bo1mXj0JWUM0fF26GswlVA8xobiI566j9Aq:uuAUMs2/sB8Sb5xiq

Score

10^/10

amadey 9c9aa5 trojan

Malware Config

Extracted

Family

amadey

Version

4.42

Botnet

9c9aa5

C2

http://185.215.113.43

Attributes

install_dir
abc3bc1985
install_file
skotes.exe
strings_key
8a35cf2ea38c2817dba29a4b5b25dcf0
url_paths
/Zu7JuNko/index.php

rc4.plain

Targets

- Target
  
  2368-3-0x0000000000860000-0x0000000000D25000-memory.dmp
- Size
  
  4.8MB
- MD5
  
  cb94288e3e7dbca48567fce0a25e008e
- SHA1
  
  938837e2ef4b5faf6e73b12bce5d2ae76492ebd1
- SHA256
  
  86de27188041f0452250f7bbfdc564544645fd33c9715c5de3485ed8d2061f0b
- SHA512
  
  59fb874ad4c4a01c35c3ca64bfbda7348c114f063f4cd4d0be936014f080360ab81ae05d3204dd25a1ec00046cecc5602f5756dfc832ad0ebba313dc3d0042e6
- SSDEEP
  
  98304:usONNm7PT4Bo1mXj0JWUM0fF26GswlVA8xobiI566j9Aq:uuAUMs2/sB8Sb5xiq
Score

10^/10

amadey trojan
- Amadey
  Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
  trojan amadey
- Amadey family
  amadey
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2