amadey | a2b231c3c062ad0238aab58173f08128dfe734f883666a4fa88f7893e67f697f | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

2316-3-0x0...ry.exe

windows7-x64

2316-3-0x0...ry.exe

windows10-2004-x64

Sharing

General

Target

2316-3-0x0000000000B80000-0x0000000000EAE000-memory.dmp
Size

3.2MB
Sample

241226-wtyb4stncv
MD5

6fd7aec410de94869eb1409cf2a305de
SHA1

2cd18af184767a0472177c44108f906e3f5af379
SHA256

a2b231c3c062ad0238aab58173f08128dfe734f883666a4fa88f7893e67f697f
SHA512

069e58f84d8b8e7f141e37f60d546386d4a25a22febe9d28fb3ad25824291bc7de036ee88ae17d1a7a62544c8778a1d34205adcc40a14017bb4cbf5ba3cdf69d
SSDEEP

49152:G9biODGRDJFF6XhbB2fkGdMdBXS7oZS9skYldv9BYQd75s5YL:KbiODGRDoXhbB2fkGdMoYl/Bpd75s5

Score

10^/10

amadey 9c9aa5 trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2316-3-0x0000000000B80000-0x0000000000EAE000-memory.exe

Resource

win7-20241010-en

amadey 9c9aa5 trojan

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

2316-3-0x0000000000B80000-0x0000000000EAE000-memory.exe

Resource

win10v2004-20241007-en

amadey 9c9aa5 trojan

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Extracted

Family

amadey

Version

4.42

Botnet

9c9aa5

C2

http://185.215.113.43

Attributes

install_dir
abc3bc1985
install_file
skotes.exe
strings_key
8a35cf2ea38c2817dba29a4b5b25dcf0
url_paths
/Zu7JuNko/index.php

rc4.plain

1
006700e5a2ab05704bbb0c589b88924d

Targets

- Target
  
  2316-3-0x0000000000B80000-0x0000000000EAE000-memory.dmp
- Size
  
  3.2MB
- MD5
  
  6fd7aec410de94869eb1409cf2a305de
- SHA1
  
  2cd18af184767a0472177c44108f906e3f5af379
- SHA256
  
  a2b231c3c062ad0238aab58173f08128dfe734f883666a4fa88f7893e67f697f
- SHA512
  
  069e58f84d8b8e7f141e37f60d546386d4a25a22febe9d28fb3ad25824291bc7de036ee88ae17d1a7a62544c8778a1d34205adcc40a14017bb4cbf5ba3cdf69d
- SSDEEP
  
  49152:G9biODGRDJFF6XhbB2fkGdMdBXS7oZS9skYldv9BYQd75s5YL:KbiODGRDoXhbB2fkGdMoYl/Bpd75s5
Score

10^/10

amadey 9c9aa5 trojan
- Amadey
  Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
  trojan amadey
- Amadey family
  amadey
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

amadey9c9aa5trojan

behavioral2

amadey9c9aa5trojan

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.