Overview

overview

10

Static

static

10

2384-3-0x0...ry.exe

windows7-x64

10

2384-3-0x0...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2384-3-0x0000000000340000-0x0000000000816000-memory.dmp

  • Size

    4.8MB

  • Sample

    241127-c8bxwasqex

  • MD5

    bcc376d7023530badaa7f78365115108

  • SHA1

    65098f9e09cfcc5a8cc47b4dc9f4b1d0b69a2a95

  • SHA256

    c0290ad6f580773e8c488f091994c1763afb6ebf823a1d038274cf9f3d47593d

  • SHA512

    bb2f4535c2941ddbe5f37af14fb3c2661234d27ae219b27850e6260243875ca79c0592758de93412ec7676f236e79b3179b52bcb90d7c7b6865a14e9e34f6dd1

  • SSDEEP

    98304:jebanAd8iAw1wnrPktOpvwWG3dje1nzfdotb/2:jrYuvwrNje1nzfdgb/2

Score
10/10
amadey9c9aa5trojan

Malware Config

Extracted

Family

amadey

Version

4.42

Botnet

9c9aa5

C2

http://185.215.113.43

Attributes
  • install_dir

    abc3bc1985

  • install_file

    skotes.exe

  • strings_key

    8a35cf2ea38c2817dba29a4b5b25dcf0

  • url_paths

    /Zu7JuNko/index.php

rc4.plain

Targets

    • Target

      2384-3-0x0000000000340000-0x0000000000816000-memory.dmp

    • Size

      4.8MB

    • MD5

      bcc376d7023530badaa7f78365115108

    • SHA1

      65098f9e09cfcc5a8cc47b4dc9f4b1d0b69a2a95

    • SHA256

      c0290ad6f580773e8c488f091994c1763afb6ebf823a1d038274cf9f3d47593d

    • SHA512

      bb2f4535c2941ddbe5f37af14fb3c2661234d27ae219b27850e6260243875ca79c0592758de93412ec7676f236e79b3179b52bcb90d7c7b6865a14e9e34f6dd1

    • SSDEEP

      98304:jebanAd8iAw1wnrPktOpvwWG3dje1nzfdotb/2:jrYuvwrNje1nzfdgb/2

    Score
    10/10
    amadeytrojan

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

      trojanamadey

    • Amadey family

      amadey
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks