Score: | 100 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Name | Description | Attribution | Blogpost URLs | Link |
---|---|---|---|---|
Amadey | Amadey is a botnet that appeared around October 2018 and is being sold for about $500 on Russian-speaking hacking forums. It periodically sends information about the system and installed AV software to its C2 server and polls to receive orders from it. Its main functionality is that it can load other payloads (called "tasks") for all or specifically targeted computers compromised by the malware. | No Attribution |
|
Name | Description | Attribution | Blogpost URLs | Link |
---|---|---|---|---|
XWorm | Malware with wide range of capabilities ranging from RAT to ransomware. | No Attribution |
|
AV Detection |
---|
Source: |
Avira: |
Source: |
Avira URL Cloud: |
||
Source: |
Avira URL Cloud: |
||
Source: |
Avira URL Cloud: |
||
Source: |
Avira URL Cloud: |
||
Source: |
Avira URL Cloud: |
||
Source: |
Avira URL Cloud: |
||
Source: |
Avira URL Cloud: |
||
Source: |
Avira URL Cloud: |
||
Source: |
Avira URL Cloud: |
Source: |
Avira: |
||
Source: |
Avira: |
||
Source: |
Avira: |
||
Source: |
Avira: |
Source: |
Malware Configuration Extractor: |
Source: |
ReversingLabs: |
||
Source: |
ReversingLabs: |
||
Source: |
ReversingLabs: |
||
Source: |
ReversingLabs: |
Source: |
Integrated Neural Analysis Model: |
Source: |
Joe Sandbox ML: |
||
Source: |
Joe Sandbox ML: |
||
Source: |
Joe Sandbox ML: |
||
Source: |
Joe Sandbox ML: |
Source: |
Joe Sandbox ML: |
Source: |
String decryptor: |
||
Source: |
String decryptor: |
||
Source: |
String decryptor: |
||
Source: |
String decryptor: |
||
Source: |
String decryptor: |
||
Source: |
String decryptor: |
||
Source: |
String decryptor: |
||
Source: |
String decryptor: |
||
Source: |
String decryptor: |
Source: |
Static PE information: |
Source: |
Binary string: |
||
Source: |
Binary string: |
||
Source: |
Binary string: |
||
Source: |
Binary string: |
||
Source: |
Binary string: |
||
Source: |
Binary string: |
||
Source: |
Binary string: |
||
Source: |
Binary string: |
||
Source: |
Binary string: |
||
Source: |
Binary string: |
||
Source: |
Binary string: |
||
Source: |
Binary string: |
||
Source: |
Binary string: |
||
Source: |
Binary string: |
||
Source: |
Binary string: |
||
Source: |
Binary string: |
||
Source: |
Binary string: |
||
Source: |
Binary string: |
||
Source: |
Binary string: |
||
Source: |
Binary string: |
||
Source: |
Binary string: |
||
Source: |
Binary string: |
||
Source: |
Binary string: |
||
Source: |
Binary string: |
||
Source: |
Binary string: |
Source: |
Code function: |
10_2_059B3F18 | |
Source: |
Code function: |
10_2_059B3F08 | |
Source: |
Code function: |
10_2_059B2EF0 | |
Source: |
Code function: |
10_2_059B2EE8 | |
Source: |
Code function: |
10_2_059B424D | |
Source: |
Code function: |
10_2_059C7580 | |
Source: |
Code function: |
10_2_059C7572 | |
Source: |
Code function: |
10_2_059CEAE8 | |
Source: |
Code function: |
10_2_059CEAE0 | |
Source: |
Code function: |
10_2_05BAD148 |
Networking |
---|
Source: |
Suricata IDS: |
||
Source: |
Suricata IDS: |
||
Source: |
Suricata IDS: |
||
Source: |
Suricata IDS: |
Source: |
IPs: |
Source: |
File source: |
Source: |
HTTP traffic detected: |