Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2628-3-0x0000000001190000-0x0000000001654000-memory.dmp
-
Size
4.8MB
-
MD5
bb8f8b6d5cb5a373c98c124bb7b67227
-
SHA1
772f1e6d369c6346bdbb31183252941809fcf50b
-
SHA256
d7b181830a5f26d63f33ae100a1e4fe53b17c841115ab3d4532da7fcaed64379
-
SHA512
0f436067978af3f773675321c5cd01847d616f26b9ded9c808f39c8f69bf1db83a23664b52f3dd69d1125ca6df18c3b7668a7c404dbe70047c72b3a19e729987
-
SSDEEP
98304:88fIFIuqEFlwBgMYUpxUbWBNTvsdkEhXBPcjqoq3m139s6/8Upcz:8RPvU3UONTvsncTql6tm
Score
10/10
Malware Config
Extracted
Family
amadey
Version
4.41
Botnet
fed3aa
C2
http://185.215.113.16
Attributes
-
install_dir
44111dbc49
-
install_file
axplong.exe
-
strings_key
8d0ad6945b1a30a186ec2d30be6db0b5
-
url_paths
/Jo89Ku7d/index.php
rc4.plain
Signatures
-
Amadey family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2628-3-0x0000000001190000-0x0000000001654000-memory.dmp
Headers
Sections