amadey | 6dcd3913fbeda0aa46dabe36a1286291fe7a4f67931eab0fde140b6e2368ec3b | Triage

Sharing

General

Target

1828-33-0x00000000006D0000-0x00000000009F3000-memory.dmp
Size

3.1MB
Sample

241227-sjsr4awqej
MD5

5587f4f2ae2de1b028be8bc05c487bcf
SHA1

7d42b020d19d9e973ebdd110bf83695c200c7e78
SHA256

6dcd3913fbeda0aa46dabe36a1286291fe7a4f67931eab0fde140b6e2368ec3b
SHA512

27c2014c8668828b1347a75dd86b5b6661c82029676cc274bec06907b6b41602e97196b3fbe22f9bf839005ade443b16ab2b4365ca82e41f7d6a370ff101a353
SSDEEP

98304:q0F/KSwKGiYVIxsTUlP4J8tq7o0P0bY6qE:qr7ow0p

Score

10^/10

amadey 9c9aa5 trojan

Malware Config

Extracted

Family

amadey

Version

4.42

Botnet

9c9aa5

C2

http://185.215.113.43

Attributes

install_dir
abc3bc1985
install_file
skotes.exe
strings_key
8a35cf2ea38c2817dba29a4b5b25dcf0
url_paths
/Zu7JuNko/index.php

rc4.plain

Targets

- Target
  
  1828-33-0x00000000006D0000-0x00000000009F3000-memory.dmp
- Size
  
  3.1MB
- MD5
  
  5587f4f2ae2de1b028be8bc05c487bcf
- SHA1
  
  7d42b020d19d9e973ebdd110bf83695c200c7e78
- SHA256
  
  6dcd3913fbeda0aa46dabe36a1286291fe7a4f67931eab0fde140b6e2368ec3b
- SHA512
  
  27c2014c8668828b1347a75dd86b5b6661c82029676cc274bec06907b6b41602e97196b3fbe22f9bf839005ade443b16ab2b4365ca82e41f7d6a370ff101a353
- SSDEEP
  
  98304:q0F/KSwKGiYVIxsTUlP4J8tq7o0P0bY6qE:qr7ow0p
Score

10^/10

amadey 9c9aa5 trojan
- Amadey
  Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
  trojan amadey
- Amadey family
  amadey
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

amadey9c9aa5trojan

behavioral2

amadey9c9aa5trojan