Overview

overview

10

Static

static

10

2288-107-0...ry.exe

windows7-x64

10

2288-107-0...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2288-107-0x00000000007C0000-0x0000000000C75000-memory.dmp

  • Size

    4.7MB

  • Sample

    240628-by19catfjb

  • MD5

    ec11640a4f8c6b2191d0a34a6932a30e

  • SHA1

    1b778279adf6e8708dcf8903cc028bec9fc03e8d

  • SHA256

    4e746d96369bb2d7cca1504f067de2792b39421ce01cfeac29e5e6451a216cc4

  • SHA512

    26cf6f9911fe1751fdc5bae1c1dc33bd133e2818a95446b9808a7aeed7a45a2296445eae1f8baaef02df9335a1c791c8f64c6573cf5c3700c7f025a9185bd320

  • SSDEEP

    98304:mewi+YS0Gjibjd5HYNeT8gH02b+mtdEVvmH:m3gH0SE5

Score
10/10
amadey4dd39dtrojan

Malware Config

Extracted

Family

amadey

Version

4.30

Botnet

4dd39d

C2

http://77.91.77.82

Attributes
  • install_dir

    ad40971b6b

  • install_file

    explorti.exe

  • strings_key

    a434973ad22def7137dbb5e059b7081e

  • url_paths

    /Hun4Ko/index.php

rc4.plain

Targets

    • Target

      2288-107-0x00000000007C0000-0x0000000000C75000-memory.dmp

    • Size

      4.7MB

    • MD5

      ec11640a4f8c6b2191d0a34a6932a30e

    • SHA1

      1b778279adf6e8708dcf8903cc028bec9fc03e8d

    • SHA256

      4e746d96369bb2d7cca1504f067de2792b39421ce01cfeac29e5e6451a216cc4

    • SHA512

      26cf6f9911fe1751fdc5bae1c1dc33bd133e2818a95446b9808a7aeed7a45a2296445eae1f8baaef02df9335a1c791c8f64c6573cf5c3700c7f025a9185bd320

    • SSDEEP

      98304:mewi+YS0Gjibjd5HYNeT8gH02b+mtdEVvmH:m3gH0SE5

    Score
    10/10
    amadeytrojan

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

      trojanamadey
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks