General
Target: 4572-16-0x00000000008A1000-0x0000000000909000-memory.dmp
Size: 416KB
Sample: 241212-q7av3swlgx
MD5: 57fa215a42759e5c8fca8d565e82061d
SHA1: 0ab0fbf7882938a9711d47fd38c58662c54b4514
SHA256: e2ff7aa9aabaa48af7fed3fd9634699b3c60a7329eae33ff716462bfa799e61d
SHA512: 0eed95f5bb8a168e49aa0d473ba139926f70d11a373422a214446eb1f6a9cc9270e734f0f749c4f4698cec787a64b846badce0c0749f4b11fed3ca5e6662f9fe
SSDEEP: 12288:frfIYeDkNupNJwPzfNsQgJs/0lju40Mf:MnDkNuL+bUJzxf
Malware Config
Extracted
Family: amadey
Version: 4.42
Botnet: 9c9aa5
C2: http://185.215.113.43
Attributes
install_dir: abc3bc1985
install_file: skotes.exe
strings_key: 8a35cf2ea38c2817dba29a4b5b25dcf0
url_paths: /Zu7JuNko/index.php
rc4.plain