General
Target: 1860-2-0x00000000009E1000-0x0000000000A49000-memory.dmp
Size: 416KB
Sample: 241212-11vxsa1kfq
MD5: 17c576fce713b1294d36e64b5856e71e
SHA1: 2581c6949bb0dc881f839f013d08c6e19592e6f8
SHA256: 2fb995b0d757cee2137f5a93aa9947f10652ebf8fd5ee3c1d54a40f17617e560
SHA512: 4cca66e3600226795a79d7fabb936764041cf945127a2c57df7e37ce127329cba12f3d4d9c9c916a633f0efaf25ece8925a6f01161f9ec45705109f13a4b0b1e
SSDEEP: 12288:rlicFy3667LJ5jxdr5TyJUlLW/a43uEIAT1:8Yy3v7FVPF1lShT

Malware Config
Extracted
Family: amadey
Version: 4.42
Botnet: 9c9aa5
C2: http://185.215.113.43
Attributes
install_dir: abc3bc1985
install_file: skotes.exe
strings_key: 8a35cf2ea38c2817dba29a4b5b25dcf0
url_paths: /Zu7JuNko/index.php
rc4.plain