amadey | 2ca90359af9b813d46ad18a021a64c1ccd612b8777b2f9ef2ae2d7259ba0abbb | Triage

Sharing

General

Target

2848-32-0x0000000000800000-0x0000000000874000-memory.dmp
Size

464KB
Sample

241216-sdx5matjdz
MD5

db34119331a1d5bd3704b3a0d608baf4
SHA1

3d4ed41739252a067bbc2d551369339e13d3de80
SHA256

2ca90359af9b813d46ad18a021a64c1ccd612b8777b2f9ef2ae2d7259ba0abbb
SHA512

31e0cfd7205c8ba37465ebe034cf177c820b6f2f0ab5d617e65de677de06ea294e50b45b800d8876f40aae2141ed507dfa1ff78f9b63546c79269740a5311c72
SSDEEP

12288:Hj98bKozHw6UGa0WPp7XlcoMGXidhwmp5kM:mHwBhBbMUiIkk

Score

10^/10

amadey 8a680c

Malware Config

Extracted

Family

amadey

Version

5.10

Botnet

8a680c

C2

http://62.60.226.15

Attributes

install_dir
f39a3c5206
install_file
Gxtuum.exe
strings_key
a1bf8674ebe6a09a1462faf683ebc122
url_paths
/8fj482jd9/index.php

rc4.plain

Targets

- Target
  
  2848-32-0x0000000000800000-0x0000000000874000-memory.dmp
- Size
  
  464KB
- MD5
  
  db34119331a1d5bd3704b3a0d608baf4
- SHA1
  
  3d4ed41739252a067bbc2d551369339e13d3de80
- SHA256
  
  2ca90359af9b813d46ad18a021a64c1ccd612b8777b2f9ef2ae2d7259ba0abbb
- SHA512
  
  31e0cfd7205c8ba37465ebe034cf177c820b6f2f0ab5d617e65de677de06ea294e50b45b800d8876f40aae2141ed507dfa1ff78f9b63546c79269740a5311c72
- SSDEEP
  
  12288:Hj98bKozHw6UGa0WPp7XlcoMGXidhwmp5kM:mHwBhBbMUiIkk
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2