General

  • Target

    b413ff6e943c415afc26640ff535c724

  • Size

    2.4MB

  • Sample

    220529-v39wtscgdp

  • MD5

    b413ff6e943c415afc26640ff535c724

  • SHA1

    fcc13d52bf28416f3b8a594d58113fd8828a4093

  • SHA256

    7ff0ff6e51a58398ad73da3cc8e7e6233a23e49d93aaa4b190672e4f9f08b9bb

  • SHA512

    ca5ac0fc7aa0ed1a615ccd628b8b97b3d83b31e0da58b9d9e23e4e9f97bfa598920119e8afbbdac6e97c994e8739651083fd1afe69384d25a1fd6bc4702ce815

Score
10/10

Malware Config

Extracted

Family

amadey

Version

3.20

C2

happyday9risce.com/gg4mn3s/index.php

xksldjf9sksdjfks.com/gg4mn3s/index.php

dhisa8f9ah02hopasiaf.com/gg4mn3s/index.php

Targets

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
