General

  • Target

    4572-16-0x00000000008A1000-0x0000000000909000-memory.dmp

  • Size

    416KB

  • Sample

    241212-q7av3swlgx

  • MD5

    57fa215a42759e5c8fca8d565e82061d

  • SHA1

    0ab0fbf7882938a9711d47fd38c58662c54b4514

  • SHA256

    e2ff7aa9aabaa48af7fed3fd9634699b3c60a7329eae33ff716462bfa799e61d

  • SHA512

    0eed95f5bb8a168e49aa0d473ba139926f70d11a373422a214446eb1f6a9cc9270e734f0f749c4f4698cec787a64b846badce0c0749f4b11fed3ca5e6662f9fe

  • SSDEEP

    12288:frfIYeDkNupNJwPzfNsQgJs/0lju40Mf:MnDkNuL+bUJzxf

Score
10/10

Malware Config

Extracted

  • Family

    amadey

  • Version

    4.42

  • Botnet

    9c9aa5

  • C2

    http://185.215.113.43

Attributes
  • install_dir

    abc3bc1985

  • install_file

    skotes.exe

  • strings_key

    8a35cf2ea38c2817dba29a4b5b25dcf0

  • url_paths

    /Zu7JuNko/index.php

rc4.plain

Targets

    Tasks