amadey | 12098f58a14930c5c13a127c8b7bdd20786884fe053ff35689a72bec153f4915 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

840-3-0x00...ry.exe

windows7-x64

840-3-0x00...ry.exe

windows10-2004-x64

Sharing

General

Target

840-3-0x0000000000040000-0x00000000004E3000-memory.dmp
Size

4.6MB
Sample

241227-e78xbs1rdt
MD5

8678489054c3284ad0dd4f3dbe85da85
SHA1

c45b65dc08b37d4afa596f215de3515960c9014f
SHA256

12098f58a14930c5c13a127c8b7bdd20786884fe053ff35689a72bec153f4915
SHA512

9005067fc1bede8a57e0a17a604267a2a4ffd67614dbfaa27d029d93ca79f95035a4a5093ed1320836a5de615eff46c91f336fdddbb743bf498061353c0a9396
SSDEEP

98304:qYxYnGvmBN1LDzCgAeQNfWocFNasOgxE2+rqtCZq:qLzAeQNW0dgxE2Peq

Score

10^/10

amadey fed3aa trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

840-3-0x0000000000040000-0x00000000004E3000-memory.exe

Resource

win7-20240903-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

840-3-0x0000000000040000-0x00000000004E3000-memory.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Extracted

Family

amadey

Version

4.41

Botnet

fed3aa

C2

http://185.215.113.16

Attributes

install_dir
44111dbc49
install_file
axplong.exe
strings_key
8d0ad6945b1a30a186ec2d30be6db0b5
url_paths
/Jo89Ku7d/index.php

rc4.plain

1
a091ec0a6e22276a96a99c1d34ef679c

Targets

- Target
  
  840-3-0x0000000000040000-0x00000000004E3000-memory.dmp
- Size
  
  4.6MB
- MD5
  
  8678489054c3284ad0dd4f3dbe85da85
- SHA1
  
  c45b65dc08b37d4afa596f215de3515960c9014f
- SHA256
  
  12098f58a14930c5c13a127c8b7bdd20786884fe053ff35689a72bec153f4915
- SHA512
  
  9005067fc1bede8a57e0a17a604267a2a4ffd67614dbfaa27d029d93ca79f95035a4a5093ed1320836a5de615eff46c91f336fdddbb743bf498061353c0a9396
- SSDEEP
  
  98304:qYxYnGvmBN1LDzCgAeQNfWocFNasOgxE2+rqtCZq:qLzAeQNW0dgxE2Peq
Score

10^/10

amadey trojan
- Amadey
  Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
  trojan amadey
- Amadey family
  amadey
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.