amadey | 89b7d18c41afe07ef3b6b235d2c6fab92d59a5870873cf58452aeae47663384d | Triage

Sharing

General

Target

2808-78-0x0000000006870000-0x00000000070DD000-memory.dmp
Size

8.4MB
Sample

241212-tsvtgszkaw
MD5

0d587f4ff1632bc7fd69d7bf3474f696
SHA1

44d04f36ec12ffd3b1c21397c2029dd25113fac5
SHA256

89b7d18c41afe07ef3b6b235d2c6fab92d59a5870873cf58452aeae47663384d
SHA512

6cf3f17c26105b04d14b9998dfaca615fa05822fb7cdba1362e299bbf252d23d4504d25978d53b911b2c95a10ba19f44c8734807ce7fca3c0c1d6f58a5567ed0
SSDEEP

98304:D3NqMtiAFGlXMevc8bCBSjKG5D3G+4B3NqMtiEFGlXMevc8bCBSjKF503G+403Nq:DRKBTT5D3hilKBT8503hjRKBTT5h

Score

10^/10

amadey 9c9aa5 trojan

Malware Config

Extracted

Family

amadey

Version

4.42

Botnet

9c9aa5

C2

http://185.215.113.43

Attributes

install_dir
abc3bc1985
install_file
skotes.exe
strings_key
8a35cf2ea38c2817dba29a4b5b25dcf0
url_paths
/Zu7JuNko/index.php

rc4.plain

Targets

- Target
  
  2808-78-0x0000000006870000-0x00000000070DD000-memory.dmp
- Size
  
  8.4MB
- MD5
  
  0d587f4ff1632bc7fd69d7bf3474f696
- SHA1
  
  44d04f36ec12ffd3b1c21397c2029dd25113fac5
- SHA256
  
  89b7d18c41afe07ef3b6b235d2c6fab92d59a5870873cf58452aeae47663384d
- SHA512
  
  6cf3f17c26105b04d14b9998dfaca615fa05822fb7cdba1362e299bbf252d23d4504d25978d53b911b2c95a10ba19f44c8734807ce7fca3c0c1d6f58a5567ed0
- SSDEEP
  
  98304:D3NqMtiAFGlXMevc8bCBSjKG5D3G+4B3NqMtiEFGlXMevc8bCBSjKF503G+403Nq:DRKBTT5D3hilKBT8503hjRKBTT5h
Score

10^/10

amadey 9c9aa5 trojan
- Amadey
  Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
  trojan amadey
- Amadey family
  amadey
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

amadey9c9aa5trojan

behavioral2

amadey9c9aa5trojan