amadey | a056dcd40c2bc02637f0d35bb5558d84f4adbc5b2f61f0452bf0067da97d2041 | Triage

Sharing

General

Target

a056dcd40c2bc02637f0d35bb5558d84f4adbc5b2f61f0452bf0067da97d2041
Size

124KB
Sample

241216-3ma2kavjej
MD5

2b252fcee2eec5371a13e6615abfcc22
SHA1

6be4a876b68747af62ba178c5c8ff749583d99cc
SHA256

a056dcd40c2bc02637f0d35bb5558d84f4adbc5b2f61f0452bf0067da97d2041
SHA512

0c7682928aca3045396555574a7ca35e1527d20d197f78aca19feffc9fb0265b8db71bad9d434c4e24fcb3bfbab7a534926f1dd5b060de052914e4b2d5ce4cb1
SSDEEP

3072:3dUmIYSBYZuziT7Sgmu1ErYn/YoZ3SNqbZidU1epo:GBY7yASgb1ErY3Z3zodUwpo

Score

10^/10

amadey 056009 discovery

Malware Config

Extracted

Family

amadey

Version

5.10

Botnet

056009

C2

http://62.60.226.15

Attributes

strings_key
c9d48ffd19ff3a755b9ab2fe5196683b
url_paths
/8fj482jd9/index.php

rc4.plain

Targets

- Target
  
  a056dcd40c2bc02637f0d35bb5558d84f4adbc5b2f61f0452bf0067da97d2041
- Size
  
  124KB
- MD5
  
  2b252fcee2eec5371a13e6615abfcc22
- SHA1
  
  6be4a876b68747af62ba178c5c8ff749583d99cc
- SHA256
  
  a056dcd40c2bc02637f0d35bb5558d84f4adbc5b2f61f0452bf0067da97d2041
- SHA512
  
  0c7682928aca3045396555574a7ca35e1527d20d197f78aca19feffc9fb0265b8db71bad9d434c4e24fcb3bfbab7a534926f1dd5b060de052914e4b2d5ce4cb1
- SSDEEP
  
  3072:3dUmIYSBYZuziT7Sgmu1ErYn/YoZ3SNqbZidU1epo:GBY7yASgb1ErY3Z3zodUwpo
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2