Overview

overview

10

Static

static

10

2772-3-0x0...ry.exe

windows7-x64

10

2772-3-0x0...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2772-3-0x0000000000080000-0x0000000000531000-memory.dmp

  • Size

    4.7MB

  • Sample

    241126-kqj5jatmfv

  • MD5

    ddda78cd2b1f3ed049eb9d67792da878

  • SHA1

    5f54131dc0ca82ae8a36425e38446b493345bc56

  • SHA256

    ad3db5aecece1b49470a5eba3eedd0c885e54ce38cc36f544e59cdba37308397

  • SHA512

    d8dcf2fcd97baeb87b45b3cfc419275914d216cfe79b77b6a830ca2cdcdfb5dfd6de244477a573beb5c5f93983f0af7b11b596076ae4b64e4195ba9ed6c8407c

  • SSDEEP

    98304:lmsgzsB5aICq7zdZsOosgIVybKehH31ZKENGcTIoZmX9FEwY5o:lNEjNIQbKcH33X9QX9nY5o

Score
10/10
amadey9c9aa5trojan

Malware Config

Extracted

Family

amadey

Version

4.42

Botnet

9c9aa5

C2

http://185.215.113.43

Attributes
  • install_dir

    abc3bc1985

  • install_file

    skotes.exe

  • strings_key

    8a35cf2ea38c2817dba29a4b5b25dcf0

  • url_paths

    /Zu7JuNko/index.php

rc4.plain

Targets

    • Target

      2772-3-0x0000000000080000-0x0000000000531000-memory.dmp

    • Size

      4.7MB

    • MD5

      ddda78cd2b1f3ed049eb9d67792da878

    • SHA1

      5f54131dc0ca82ae8a36425e38446b493345bc56

    • SHA256

      ad3db5aecece1b49470a5eba3eedd0c885e54ce38cc36f544e59cdba37308397

    • SHA512

      d8dcf2fcd97baeb87b45b3cfc419275914d216cfe79b77b6a830ca2cdcdfb5dfd6de244477a573beb5c5f93983f0af7b11b596076ae4b64e4195ba9ed6c8407c

    • SSDEEP

      98304:lmsgzsB5aICq7zdZsOosgIVybKehH31ZKENGcTIoZmX9FEwY5o:lNEjNIQbKcH33X9QX9nY5o

    Score
    10/10
    amadeytrojan

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

      trojanamadey

    • Amadey family

      amadey
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks