Overview

overview

10

Static

static

10

2756-3-0x0...ry.exe

windows7-x64

10

2756-3-0x0...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2756-3-0x0000000000AC0000-0x0000000000F74000-memory.dmp

  • Size

    4.7MB

  • Sample

    241126-jdvj3a1ma1

  • MD5

    6c767f508d58dfe7ef173b239e814823

  • SHA1

    7e9fed515b7786b9a7a5182b29e6589c1390364f

  • SHA256

    0f937b8c4dbe09e32029b307ed3c77ce92ea97133b0af0ad8fd19bbb325efdd2

  • SHA512

    78d87dd8d84675818be75e2dad9ab61333febb06b5e535327982f4d148ba0de42a443903a04eb43dd612e8728a8771db197b07970615638fd34de912f04977ec

  • SSDEEP

    98304:MrHs/e13lcJvikflJnMGQTDQOPJhUFE10ykaUmvFiz:MytM/TsOPJh8yYs

Score
10/10
amadey9c9aa5trojan

Malware Config

Extracted

Family

amadey

Version

4.42

Botnet

9c9aa5

C2

http://185.215.113.43

Attributes
  • install_dir

    abc3bc1985

  • install_file

    skotes.exe

  • strings_key

    8a35cf2ea38c2817dba29a4b5b25dcf0

  • url_paths

    /Zu7JuNko/index.php

rc4.plain

Targets

    • Target

      2756-3-0x0000000000AC0000-0x0000000000F74000-memory.dmp

    • Size

      4.7MB

    • MD5

      6c767f508d58dfe7ef173b239e814823

    • SHA1

      7e9fed515b7786b9a7a5182b29e6589c1390364f

    • SHA256

      0f937b8c4dbe09e32029b307ed3c77ce92ea97133b0af0ad8fd19bbb325efdd2

    • SHA512

      78d87dd8d84675818be75e2dad9ab61333febb06b5e535327982f4d148ba0de42a443903a04eb43dd612e8728a8771db197b07970615638fd34de912f04977ec

    • SSDEEP

      98304:MrHs/e13lcJvikflJnMGQTDQOPJhUFE10ykaUmvFiz:MytM/TsOPJh8yYs

    Score
    10/10
    amadeytrojan

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

      trojanamadey

    • Amadey family

      amadey
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks