amadey | 2818a78e6dec837379382f140433e10cb14a160fc8433f73bdb14da0bdff74fa | Triage

Sharing

General

Target

1920-57-0x00000000066C0000-0x0000000006F4D000-memory.dmp
Size

8.6MB
Sample

241212-ta4nns1len
MD5

ceeaeaf3051d2d9ebf0653e133a812a5
SHA1

1a6e0cf2069c7020d8c2ca81fcf0a1fa85207938
SHA256

2818a78e6dec837379382f140433e10cb14a160fc8433f73bdb14da0bdff74fa
SHA512

46c91d9426094053febf3b6cb38b80e912e5b8e8266518daf4389e1768ac51d65f3a37726c13726630b401cd27f7331fe93898ca870cb1913890853b69ba27e0
SSDEEP

98304:ncqR4p+ZRt43UAYcEHtcn3ORdeSLr4LrtwqR4p+Z4t43UAYcEHtZC3ORdeSLXVwL:nJ23OR4grSrt6fQOR4gXVzcz

Score

10^/10

amadey 9c9aa5 trojan

Malware Config

Extracted

Family

amadey

Version

4.42

Botnet

9c9aa5

C2

http://185.215.113.43

Attributes

install_dir
abc3bc1985
install_file
skotes.exe
strings_key
8a35cf2ea38c2817dba29a4b5b25dcf0
url_paths
/Zu7JuNko/index.php

rc4.plain

Targets

- Target
  
  1920-57-0x00000000066C0000-0x0000000006F4D000-memory.dmp
- Size
  
  8.6MB
- MD5
  
  ceeaeaf3051d2d9ebf0653e133a812a5
- SHA1
  
  1a6e0cf2069c7020d8c2ca81fcf0a1fa85207938
- SHA256
  
  2818a78e6dec837379382f140433e10cb14a160fc8433f73bdb14da0bdff74fa
- SHA512
  
  46c91d9426094053febf3b6cb38b80e912e5b8e8266518daf4389e1768ac51d65f3a37726c13726630b401cd27f7331fe93898ca870cb1913890853b69ba27e0
- SSDEEP
  
  98304:ncqR4p+ZRt43UAYcEHtcn3ORdeSLr4LrtwqR4p+Z4t43UAYcEHtZC3ORdeSLXVwL:nJ23OR4grSrt6fQOR4gXVzcz
Score

10^/10

amadey 9c9aa5 trojan
- Amadey
  Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
  trojan amadey
- Amadey family
  amadey
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

amadey9c9aa5trojan

behavioral2

amadey9c9aa5trojan