Extracted

• • Target

    59e1274b8ea5db61ae44c9173dd436ea6429c46e564111b3692ca5b4b8c92866.exe

  • Size

    429KB

  • MD5

    d57994415028bc1cb241cb794c37c487

  • SHA1

    3be0d72714add961db62f8f764dadf6662dc36b0

  • SHA256

    59e1274b8ea5db61ae44c9173dd436ea6429c46e564111b3692ca5b4b8c92866

  • SHA512

    ea3caaa89a99d64f2e96bd8f4834282923341d94a2ebb09ad109dd7d2b448faa06238fbc4f1bdeaa3fcdc4e6afe2911667909df7ce2f27d52493af5abcff722a

  • SSDEEP

    12288:v4RG6lx/9Njr18QlSfJy4FjMSkJCzDLGDWDw:O9NtSTZMzmmD4w

  Score

  10^/10

  amadeyd5db2ddiscoverytrojan

  • Amadey

    Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

    trojanamadey

  • Amadey family

    amadey

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral2