Overview

overview

10

Static

static

10

5008-34-0x...ry.exe

windows7-x64

1

5008-34-0x...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5008-34-0x0000000000BE0000-0x0000000000EFE000-memory.dmp

  • Size

    3.1MB

  • Sample

    241227-pvkdbavqbn

  • MD5

    9c9431e7020ead6e4b82358482a9f895

  • SHA1

    69aa931c98ed68cd3d7b51f7d5740a5cc0cee073

  • SHA256

    77d22cb3bad8113d7ae2f659be5f20573195c4c95ee0d826701bcffe956e2f1b

  • SHA512

    21ffbbbd418634901d0932f87156d8f104c956a9893c2abecf7451fdaabc2a810517cc9e3404cbc7a2e33ac0a253504bfe43a51a8375414903252c5e1b54fb84

  • SSDEEP

    49152:GcbYgFKzMYJta988JhtCPMuytZncybI9:/bYgFKzMYJta988J7Ckuyt5cF9

Score
10/10
amadey9c9aa5trojan

Malware Config

Extracted

Family

amadey

Version

4.42

Botnet

9c9aa5

C2

http://185.215.113.43

Attributes
  • install_dir

    abc3bc1985

  • install_file

    skotes.exe

  • strings_key

    8a35cf2ea38c2817dba29a4b5b25dcf0

  • url_paths

    /Zu7JuNko/index.php

rc4.plain

Targets

    • Target

      5008-34-0x0000000000BE0000-0x0000000000EFE000-memory.dmp

    • Size

      3.1MB

    • MD5

      9c9431e7020ead6e4b82358482a9f895

    • SHA1

      69aa931c98ed68cd3d7b51f7d5740a5cc0cee073

    • SHA256

      77d22cb3bad8113d7ae2f659be5f20573195c4c95ee0d826701bcffe956e2f1b

    • SHA512

      21ffbbbd418634901d0932f87156d8f104c956a9893c2abecf7451fdaabc2a810517cc9e3404cbc7a2e33ac0a253504bfe43a51a8375414903252c5e1b54fb84

    • SSDEEP

      49152:GcbYgFKzMYJta988JhtCPMuytZncybI9:/bYgFKzMYJta988J7Ckuyt5cF9

    Score
    10/10
    amadey9c9aa5trojan

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

      trojanamadey

    • Amadey family

      amadey
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks