amadey | 8c221ce2a4272fad7430027fd399d0593e4a518c583e52e1fffea33703aa6961 | Triage

Sharing

General

Target

2040-35-0x00000000000D0000-0x00000000003DF000-memory.dmp
Size

3.1MB
Sample

241227-cbj7zsynbj
MD5

f5763d2329c68cdc4c940a33220ed971
SHA1

97c87124a167c0b6f3c4324ab5e3fcc7f67a11ac
SHA256

8c221ce2a4272fad7430027fd399d0593e4a518c583e52e1fffea33703aa6961
SHA512

55b672b5a9ce80f98d770dbd36865ed3b5a77d4964fbdec1684f6e28220822c143d0a165c90645a4ded40a75e9edf5cf58b6a98432682d2ad0484d2cb03e971d
SSDEEP

49152:j47O6qkQ6RZ5Zus2uZdkkKj5DDahIRQqjAct9I9:U7O6qkQYnZus2Gqp5D2ed169

Score

10^/10

amadey 9c9aa5 trojan

Malware Config

Extracted

Family

amadey

Version

4.42

Botnet

9c9aa5

C2

http://185.215.113.43

Attributes

install_dir
abc3bc1985
install_file
skotes.exe
strings_key
8a35cf2ea38c2817dba29a4b5b25dcf0
url_paths
/Zu7JuNko/index.php

rc4.plain

Targets

- Target
  
  2040-35-0x00000000000D0000-0x00000000003DF000-memory.dmp
- Size
  
  3.1MB
- MD5
  
  f5763d2329c68cdc4c940a33220ed971
- SHA1
  
  97c87124a167c0b6f3c4324ab5e3fcc7f67a11ac
- SHA256
  
  8c221ce2a4272fad7430027fd399d0593e4a518c583e52e1fffea33703aa6961
- SHA512
  
  55b672b5a9ce80f98d770dbd36865ed3b5a77d4964fbdec1684f6e28220822c143d0a165c90645a4ded40a75e9edf5cf58b6a98432682d2ad0484d2cb03e971d
- SSDEEP
  
  49152:j47O6qkQ6RZ5Zus2uZdkkKj5DDahIRQqjAct9I9:U7O6qkQYnZus2Gqp5D2ed169
Score

10^/10

amadey 9c9aa5 trojan
- Amadey
  Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
  trojan amadey
- Amadey family
  amadey
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

amadey9c9aa5trojan

behavioral2

amadey9c9aa5trojan