General

  • Target

    47f8a270b27c18bab9013f4a8f0ee6e877e4050bd4018d682eb502bcfd5bff6d.exe

  • Size

    1.2MB

  • MD5

    d862c12a4467ebae581a8c0cc3ea2211

  • SHA1

    9e797375b9b4422b2314d3e372628643ccf1c5db

  • SHA256

    47f8a270b27c18bab9013f4a8f0ee6e877e4050bd4018d682eb502bcfd5bff6d

  • SHA512

    cf6545df4a244bb7dc699a565759f97c759ba19bcc9ad9ad91a20cd07aee19cbe10eb82dd21416b717581b34dc4f24ba6d43a00e7d8018b8be133dbbc9e8113c

  • SSDEEP

    24576:MO/VvL5QafhQsnoXyaoMferXQ5rnxQBuLv8Y4JKMfUO9l:Z5nfhQzOMoA5rnxHv8PKre

Score
10/10

Malware Config

Extracted

Family

amadey

Version

5.12

Botnet

d5db2d

C2

http://212.193.31.8

Attributes
  • strings_key

    0e18a2a9dd22cd0f87c9fba7075c3b39

  • url_paths

    /3ofn3jf3e2ljk2/index.php

rc4.plain

Signatures

  • Amadey family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 47f8a270b27c18bab9013f4a8f0ee6e877e4050bd4018d682eb502bcfd5bff6d.exe
    .dll windows:6 windows x64 arch:x64

    3f175edea93fa7a76a78004d12de2235

