amadey | ece13b38a35b05fd08253777ca146a9d60ea2d194877921e2ee98e311f842c28 | Triage

Sharing

General

Target

1316-17-0x00000000000C0000-0x00000000003DB000-memory.dmp
Size

3.1MB
Sample

241212-ykj48svrcy
MD5

a830754d5c822b3e76b0331740f9155f
SHA1

b698cae413d5b36615cad25d9f2749c17b32987a
SHA256

ece13b38a35b05fd08253777ca146a9d60ea2d194877921e2ee98e311f842c28
SHA512

e30cef558a2043e17252fb891b0a5c97d95a49876cd7095914e1c08a6e1335003856256643d83349fde715a53583afaefd0b2f9847603e58f01b345e43a7830a
SSDEEP

49152:i+S5ZfwVD1v/WQBpMrj+F0GxzLl4gNFuE2o:xS5ZfwVV/WQvMrjJqR4o2o

Score

10^/10

amadey 9c9aa5 trojan

Malware Config

Extracted

Family

amadey

Version

4.42

Botnet

9c9aa5

C2

http://185.215.113.43

Attributes

install_dir
abc3bc1985
install_file
skotes.exe
strings_key
8a35cf2ea38c2817dba29a4b5b25dcf0
url_paths
/Zu7JuNko/index.php

rc4.plain

Targets

- Target
  
  1316-17-0x00000000000C0000-0x00000000003DB000-memory.dmp
- Size
  
  3.1MB
- MD5
  
  a830754d5c822b3e76b0331740f9155f
- SHA1
  
  b698cae413d5b36615cad25d9f2749c17b32987a
- SHA256
  
  ece13b38a35b05fd08253777ca146a9d60ea2d194877921e2ee98e311f842c28
- SHA512
  
  e30cef558a2043e17252fb891b0a5c97d95a49876cd7095914e1c08a6e1335003856256643d83349fde715a53583afaefd0b2f9847603e58f01b345e43a7830a
- SSDEEP
  
  49152:i+S5ZfwVD1v/WQBpMrj+F0GxzLl4gNFuE2o:xS5ZfwVV/WQvMrjJqR4o2o
Score

10^/10

amadey trojan 9c9aa5
- Amadey
  Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
  trojan amadey
- Amadey family
  amadey
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

amadey9c9aa5trojan