Description
[Amadey](https://attack.mitre.org/software/S1025) is a Trojan bot that has been used since at least October 2018.(Citation: Korean FSI TA505 2020)(Citation: BlackBerry Amadey 2020)
External References
Techniques Used by This Malware
- T1005 — Data from Local System
- T1016 — System Network Configuration Discovery
- T1027 — Obfuscated Files or Information
- T1033 — System Owner/User Discovery
- T1041 — Exfiltration Over C2 Channel
- T1071.001 — Web Protocols
- T1082 — System Information Discovery
- T1083 — File and Directory Discovery
- T1105 — Ingress Tool Transfer
- T1106 — Native API
- T1112 — Modify Registry
- T1140 — Deobfuscate/Decode Files or Information
- T1518.001 — Security Software Discovery
- T1547.001 — Registry Run Keys / Startup Folder
- T1553.005 — Mark-of-the-Web Bypass
- T1568.001 — Fast Flux DNS
- T1614 — System Location Discovery