Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2856-3-0x0000000000AA0000-0x0000000000F64000-memory.dmp
-
Size
4.8MB
-
MD5
a292b65a69eb2d08eeddda077be418b8
-
SHA1
b6b44ae2e626ff2fd9ce12b8f4f9dec6addd5f5c
-
SHA256
fdfb58f2232e9d3fd4fd1db0684e1c92b9cf5be9d1dad46019fc152e6e9dfb87
-
SHA512
a0d5c998e84efc967225f25857f9362f4294792dc470a2aa02e781da7b973716142616d2fd1efd217e466e3f4f6b8c54c93fd067a970733376d890e4c392d4c8
-
SSDEEP
98304:dj6RZZfwqxvGRqDdP0dmD05FEJIglCF1VpfKkf47CWmTyHiiXG:dGR7OII08VpfK+4l9HVX
Score
10/10
Malware Config
Extracted
Family
amadey
Version
4.41
Botnet
fed3aa
C2
http://185.215.113.16
Attributes
-
install_dir
44111dbc49
-
install_file
axplong.exe
-
strings_key
8d0ad6945b1a30a186ec2d30be6db0b5
-
url_paths
/Jo89Ku7d/index.php
rc4.plain
1
a091ec0a6e22276a96a99c1d34ef679c
Signatures
-
Amadey family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2856-3-0x0000000000AA0000-0x0000000000F64000-memory.dmp
Headers
Sections