Overview

overview

10

Static

static

10

3524-1199-...ry.exe

windows7-x64

1

3524-1199-...ry.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3524-1199-0x0000000000400000-0x0000000000473000-memory.dmp

  • Size

    460KB

  • Sample

    241216-sjxq2stkdv

  • MD5

    1b10ebf1723582a6f41d899ed0658bf3

  • SHA1

    60277afd308053046e6f4480b7a5386ac1775e76

  • SHA256

    db824e01cf27d78f252890049a521e6d2770036db61b3ab556b120741353f011

  • SHA512

    f7ebd38c3faf74bbe50db59a36f7b4f234c4cd552fe96c13eb15974d2f3c4623cff2b00fd2ab01eb85951d3eab398a39e56b6ddf2fd8998237beaa26242b5d24

  • SSDEEP

    6144:rs9CceayWHm71Y2pDmbgqxDwk82hl/Vx4p5Cp/yFPMsXnQODVNIg+0TtgXLAOAZR:rs9CceayWHmO21YDnL/yFPMsXMXLZTk

Score
10/10
amadeyb44aeb

Malware Config

Extracted

Family

amadey

Version

5.04

Botnet

b44aeb

Attributes
  • install_dir

    7725ce688f

  • install_file

    Gxtuum.exe

  • strings_key

    8bf9b3f72bb53c678e0173edf42df1ae

  • url_paths

    /3ofn3jf3e2ljk/index.php

rc4.plain

Targets

    • Target

      3524-1199-0x0000000000400000-0x0000000000473000-memory.dmp

    • Size

      460KB

    • MD5

      1b10ebf1723582a6f41d899ed0658bf3

    • SHA1

      60277afd308053046e6f4480b7a5386ac1775e76

    • SHA256

      db824e01cf27d78f252890049a521e6d2770036db61b3ab556b120741353f011

    • SHA512

      f7ebd38c3faf74bbe50db59a36f7b4f234c4cd552fe96c13eb15974d2f3c4623cff2b00fd2ab01eb85951d3eab398a39e56b6ddf2fd8998237beaa26242b5d24

    • SSDEEP

      6144:rs9CceayWHm71Y2pDmbgqxDwk82hl/Vx4p5Cp/yFPMsXnQODVNIg+0TtgXLAOAZR:rs9CceayWHmO21YDnL/yFPMsXMXLZTk

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks