Overview

overview

10

Static

static

10

2060-3-0x0...ry.exe

windows7-x64

10

2060-3-0x0...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2060-3-0x0000000000FD0000-0x000000000148D000-memory.dmp

  • Size

    4.7MB

  • Sample

    240630-tx63ba1akh

  • MD5

    66aa0c7fb32464254638b655d63e1a42

  • SHA1

    c8706f063005333346d122ba41c60ceeb1e1267a

  • SHA256

    52428ad537a55d3e6b33bca0f8eb559269cb3bb15158da49f345f9a6ed0189a4

  • SHA512

    841e62a753c5d2cab07b642fdcab6a8f4f81f4067aaf88b3962392ae21d46a41805713933c370a716775b0fe1585aab754cfa9605a9bb8b06c3d71a2880b73d8

  • SSDEEP

    98304:r/vM0q7VAf9U9O0q8EXCVIsM9jMs7vRN:r8k3C2NMs7v

Score
10/10
amadey4dd39dtrojan

Malware Config

Extracted

Family

amadey

Version

4.30

Botnet

4dd39d

C2

http://77.91.77.82

Attributes
  • install_dir

    ad40971b6b

  • install_file

    explorti.exe

  • strings_key

    a434973ad22def7137dbb5e059b7081e

  • url_paths

    /Hun4Ko/index.php

rc4.plain

Targets

    • Target

      2060-3-0x0000000000FD0000-0x000000000148D000-memory.dmp

    • Size

      4.7MB

    • MD5

      66aa0c7fb32464254638b655d63e1a42

    • SHA1

      c8706f063005333346d122ba41c60ceeb1e1267a

    • SHA256

      52428ad537a55d3e6b33bca0f8eb559269cb3bb15158da49f345f9a6ed0189a4

    • SHA512

      841e62a753c5d2cab07b642fdcab6a8f4f81f4067aaf88b3962392ae21d46a41805713933c370a716775b0fe1585aab754cfa9605a9bb8b06c3d71a2880b73d8

    • SSDEEP

      98304:r/vM0q7VAf9U9O0q8EXCVIsM9jMs7vRN:r8k3C2NMs7v

    Score
    10/10
    amadeytrojan

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

      trojanamadey
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks