amadey | 692f77f4168b9d59dbffbdeca921d218c7cb42dc1b596b98ecc7f530788c8361 | Triage

Sharing

General

Target

2025-04-06_bcebcc9d00abbd78a7e08e89c84a219d_amadey_black-basta_luca-stealer_smoke-loader
Size

2.0MB
Sample

250406-pd732szrs5
MD5

bcebcc9d00abbd78a7e08e89c84a219d
SHA1

af4fc3d80b0ea1e6e227748fe145ca67957806e8
SHA256

692f77f4168b9d59dbffbdeca921d218c7cb42dc1b596b98ecc7f530788c8361
SHA512

7bfb6b328d55d3b9566adb18125c24b34fb9a4dea118c2a1f469b85d14dc59f9f2872e01683b18227c47c0bcf7fce165aebfbd831ba33179742274c994d12a93
SSDEEP

49152:CIXqRSnB4GPkctL61qgSCMHo/P6CJI9Lqj4wQx:CIGSB46kctL6AoMHo6CJI9Lf

Score

10^/10

amadey 092155 discovery trojan

Malware Config

Extracted

Family

amadey

Version

5.21

Botnet

092155

C2

http://176.113.115.6

Attributes

install_dir
bb556cff4a
install_file
rapes.exe
strings_key
a131b127e996a898cd19ffb2d92e481b
url_paths
/Ni9kiput/index.php

rc4.plain

Targets

- Target
  
  2025-04-06_bcebcc9d00abbd78a7e08e89c84a219d_amadey_black-basta_luca-stealer_smoke-loader
- Size
  
  2.0MB
- MD5
  
  bcebcc9d00abbd78a7e08e89c84a219d
- SHA1
  
  af4fc3d80b0ea1e6e227748fe145ca67957806e8
- SHA256
  
  692f77f4168b9d59dbffbdeca921d218c7cb42dc1b596b98ecc7f530788c8361
- SHA512
  
  7bfb6b328d55d3b9566adb18125c24b34fb9a4dea118c2a1f469b85d14dc59f9f2872e01683b18227c47c0bcf7fce165aebfbd831ba33179742274c994d12a93
- SSDEEP
  
  49152:CIXqRSnB4GPkctL61qgSCMHo/P6CJI9Lqj4wQx:CIGSB46kctL6AoMHo6CJI9Lf
Score

10^/10

amadey discovery trojan
- Amadey
  Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
  trojan amadey
- Amadey family
  amadey
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

amadeydiscoverytrojan