Overview

overview

10

Static

static

10

2800-3-0x0...ry.exe

windows7-x64

10

2800-3-0x0...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2800-3-0x0000000000F60000-0x0000000001425000-memory.dmp

  • Size

    4.8MB

  • Sample

    241227-kqxqmatmfq

  • MD5

    ad9336d625be72dc62926dc91dfb28ed

  • SHA1

    282e4f96fd484cec686e7f630dc1be776d46587e

  • SHA256

    4509f4ff142eda28d5f7df6763090d205d5fc5d5f03ef39fac395d78b85b08b7

  • SHA512

    c0c473485f4699aff10d1ab81cc0a44ba7093abd3dd087c99689f905b05cf5234625b34e3c9c2d541e26a2db0fc36d409b1d3688eee323833fe1a174fc1a270e

  • SSDEEP

    98304:iyUTFNOFDRg7RmZvu6T8TwRrU+65y+e/v1IC9ns4NNZ2heymcGvetqQxb:iyjkC/vDnxN2heXuq4

Score
10/10
amadeyfed3aatrojan

Malware Config

Extracted

Family

amadey

Version

4.41

Botnet

fed3aa

C2

http://185.215.113.16

Attributes
  • install_dir

    44111dbc49

  • install_file

    axplong.exe

  • strings_key

    8d0ad6945b1a30a186ec2d30be6db0b5

  • url_paths

    /Jo89Ku7d/index.php

rc4.plain

Targets

    • Target

      2800-3-0x0000000000F60000-0x0000000001425000-memory.dmp

    • Size

      4.8MB

    • MD5

      ad9336d625be72dc62926dc91dfb28ed

    • SHA1

      282e4f96fd484cec686e7f630dc1be776d46587e

    • SHA256

      4509f4ff142eda28d5f7df6763090d205d5fc5d5f03ef39fac395d78b85b08b7

    • SHA512

      c0c473485f4699aff10d1ab81cc0a44ba7093abd3dd087c99689f905b05cf5234625b34e3c9c2d541e26a2db0fc36d409b1d3688eee323833fe1a174fc1a270e

    • SSDEEP

      98304:iyUTFNOFDRg7RmZvu6T8TwRrU+65y+e/v1IC9ns4NNZ2heymcGvetqQxb:iyjkC/vDnxN2heXuq4

    Score
    10/10
    amadeytrojan

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

      trojanamadey

    • Amadey family

      amadey
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks