amadey | be0430f4da5dd8cb4479d286f68f53532d01276aefbd98c43d4196325520e299 | Triage

Sharing

General

Target

2628-30-0x0000000000400000-0x000000000048C000-memory.dmp
Size

560KB
Sample

241216-stvpfatmdx
MD5

fb8f635126b418a18da1482cc150e088
SHA1

2f214b480ddd705fb0c93722bfe35b15de73c7ac
SHA256

be0430f4da5dd8cb4479d286f68f53532d01276aefbd98c43d4196325520e299
SHA512

55e15a5916c793aea50c3148a6d5f8b5f927b64dc129e7cb708b5825c85bf05b0bc939e4da250413ad5a1fa70f5e4c526e096798e3056a7285b0d26adb0597a6
SSDEEP

12288:Q/zT1HFqBB2LASU1aFJ7rbnjGq88DUqQA3V8e+o+ArAsLzPstZxf7PNl:fBBjSJ7/C8DHb

Score

10^/10

amadey 3b4498

Malware Config

Extracted

Family

amadey

Version

5.03

Botnet

3b4498

C2

http://gardenhub-fitlife.com

http://gardenhub-fitlife2.com

http://gardenhub-fitlife3.com

Attributes

strings_key
8ebb4a20053589d32f9b9ccd6234230f
url_paths
/g9jvjfd73/index.php

/g9jvjfd74/index.php

/8bkjdSdfjCe/index.php

rc4.plain

Targets

- Target
  
  2628-30-0x0000000000400000-0x000000000048C000-memory.dmp
- Size
  
  560KB
- MD5
  
  fb8f635126b418a18da1482cc150e088
- SHA1
  
  2f214b480ddd705fb0c93722bfe35b15de73c7ac
- SHA256
  
  be0430f4da5dd8cb4479d286f68f53532d01276aefbd98c43d4196325520e299
- SHA512
  
  55e15a5916c793aea50c3148a6d5f8b5f927b64dc129e7cb708b5825c85bf05b0bc939e4da250413ad5a1fa70f5e4c526e096798e3056a7285b0d26adb0597a6
- SSDEEP
  
  12288:Q/zT1HFqBB2LASU1aFJ7rbnjGq88DUqQA3V8e+o+ArAsLzPstZxf7PNl:fBBjSJ7/C8DHb
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2