Overview

overview

10

Static

static

10

388-34-0x0...ry.exe

windows7-x64

10

388-34-0x0...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    388-34-0x0000000000230000-0x0000000000706000-memory.dmp

  • Size

    4.8MB

  • Sample

    241126-ak4xmstngt

  • MD5

    75206375de036ea51cbbae7bd0b62bd1

  • SHA1

    2e4644a2e21cf9566a514b20123d17863c7275f8

  • SHA256

    96e328752e235facb831a259b9228c5771d8c10d3dfe7f02b342228b6ccfb8c3

  • SHA512

    442ca7c0209585d325cc3cba2fe2d715d4f0f9da1d55a84adbca8142b864367bfff0ae39655e106f398a48be1246931f8ad62da3d98fc0414cbdbff3a578d697

  • SSDEEP

    98304:noL/kpq+GnK0UUFNlRAIt8G9kMg2X7FuW0wwiLfG1sbjOSJ5C0o:nB6JUwuxOOibai

Score
10/10
amadey9c9aa5trojan

Malware Config

Extracted

Family

amadey

Version

4.42

Botnet

9c9aa5

C2

http://185.215.113.43

Attributes
  • install_dir

    abc3bc1985

  • install_file

    skotes.exe

  • strings_key

    8a35cf2ea38c2817dba29a4b5b25dcf0

  • url_paths

    /Zu7JuNko/index.php

rc4.plain

Targets

    • Target

      388-34-0x0000000000230000-0x0000000000706000-memory.dmp

    • Size

      4.8MB

    • MD5

      75206375de036ea51cbbae7bd0b62bd1

    • SHA1

      2e4644a2e21cf9566a514b20123d17863c7275f8

    • SHA256

      96e328752e235facb831a259b9228c5771d8c10d3dfe7f02b342228b6ccfb8c3

    • SHA512

      442ca7c0209585d325cc3cba2fe2d715d4f0f9da1d55a84adbca8142b864367bfff0ae39655e106f398a48be1246931f8ad62da3d98fc0414cbdbff3a578d697

    • SSDEEP

      98304:noL/kpq+GnK0UUFNlRAIt8G9kMg2X7FuW0wwiLfG1sbjOSJ5C0o:nB6JUwuxOOibai

    Score
    10/10
    amadeytrojan

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

      trojanamadey

    • Amadey family

      amadey
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks