Overview

overview

10

Static

static

10

3432-1201-...ry.exe

windows7-x64

1

3432-1201-...ry.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3432-1201-0x0000000000400000-0x0000000000473000-memory.dmp

  • Size

    460KB

  • Sample

    241216-spmg9svjdk

  • MD5

    c731b91be45f7a98f16dd880e49e192d

  • SHA1

    a8b7a3b1ffaf2155590d6b34b339f1488a0676c3

  • SHA256

    8dd2322c815a2048dbc229357239003f1822730359d7ab7aff8c734448510273

  • SHA512

    f4d423079ac742dfd2aa27b0cab1b1010df92878174ac84efdaeeac522a3e310817a11148280fec5d2af0f8062e97d04c6409422ba40d24eaaf53a1a30672bc0

  • SSDEEP

    6144:rs9CceayWHm71Y2pDmbgqxDwk82hl/Vx4p5Cp/yFPMsXnQODVNIg+0TtgiLAOAZU:rs9CceayWHmO21YDnL/yFPMsXMiLqTk

Score
10/10
amadeyb44aeb

Malware Config

Extracted

Family

amadey

Version

5.04

Botnet

b44aeb

Attributes
  • install_dir

    7725ce688f

  • install_file

    Gxtuum.exe

  • strings_key

    8bf9b3f72bb53c678e0173edf42df1ae

  • url_paths

    /3ofn3jf3e2ljk/index.php

rc4.plain

Targets

    • Target

      3432-1201-0x0000000000400000-0x0000000000473000-memory.dmp

    • Size

      460KB

    • MD5

      c731b91be45f7a98f16dd880e49e192d

    • SHA1

      a8b7a3b1ffaf2155590d6b34b339f1488a0676c3

    • SHA256

      8dd2322c815a2048dbc229357239003f1822730359d7ab7aff8c734448510273

    • SHA512

      f4d423079ac742dfd2aa27b0cab1b1010df92878174ac84efdaeeac522a3e310817a11148280fec5d2af0f8062e97d04c6409422ba40d24eaaf53a1a30672bc0

    • SSDEEP

      6144:rs9CceayWHm71Y2pDmbgqxDwk82hl/Vx4p5Cp/yFPMsXnQODVNIg+0TtgiLAOAZU:rs9CceayWHmO21YDnL/yFPMsXMiLqTk

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks