Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

2848-3-0x0...ry.exe

windows7-x64

10

2848-3-0x0...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2848-3-0x0000000000FB0000-0x00000000012BD000-memory.dmp

  • Size

    3.1MB

  • Sample

    241226-wbnd7asqdz

  • MD5

    2354f2cd146e13ffb2812fbfa5ff4311

  • SHA1

    d196a68038859f67924661703afe5f6431d171f5

  • SHA256

    ee7f13f76365158a8640901aaa1eef3dda9499288cb2734f934ace5eaa95a937

  • SHA512

    347cb6efee6d4e57f0e72ab052a48807e825b497dbd00b1cf3618de0799e2f6c3d8beef496baab21d5eb9a8546a4aa776ba16cc946a3677adffab292c2536e9d

  • SSDEEP

    49152:qVcSbrEVgvkoSDz5y6RK5LXCeXn2zeur:GcSbrEVmkoSDz5PK5zCQMeur

Score
10/10
amadey9c9aa5trojan

Malware Config

Extracted

Family

amadey

Version

4.42

Botnet

9c9aa5

C2

http://185.215.113.43

Attributes
  • install_dir

    abc3bc1985

  • install_file

    skotes.exe

  • strings_key

    8a35cf2ea38c2817dba29a4b5b25dcf0

  • url_paths

    /Zu7JuNko/index.php

rc4.plain

Targets

    • Target

      2848-3-0x0000000000FB0000-0x00000000012BD000-memory.dmp

    • Size

      3.1MB

    • MD5

      2354f2cd146e13ffb2812fbfa5ff4311

    • SHA1

      d196a68038859f67924661703afe5f6431d171f5

    • SHA256

      ee7f13f76365158a8640901aaa1eef3dda9499288cb2734f934ace5eaa95a937

    • SHA512

      347cb6efee6d4e57f0e72ab052a48807e825b497dbd00b1cf3618de0799e2f6c3d8beef496baab21d5eb9a8546a4aa776ba16cc946a3677adffab292c2536e9d

    • SSDEEP

      49152:qVcSbrEVgvkoSDz5y6RK5LXCeXn2zeur:GcSbrEVmkoSDz5PK5zCQMeur

    Score
    10/10
    amadey9c9aa5trojan

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

      trojanamadey

    • Amadey family

      amadey
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks