This is a Zeek based Amadey malware detector.
Blog: https://drkeithjones.com/index.php/2023/06/15/detecting-amadey-malware-with-zeek-zeek-roulette-2/
Video: https://youtube.com/live/AArPGeYdoNU?feature=share
Added the new C2 in this sample:
A Zeek based Amadey malware detector.
scripts
cd testing && btest -c btest.cfg
zeek >=4.0.0
A Zeek based Amadey malware detector.
scripts
cd testing && btest -c btest.cfg
zeek >=4.0.0
A Zeek based Amadey malware detector.
scripts
cd testing && btest -c btest.cfg
zeek >=4.0.0
A Zeek based Amadey malware detector.
scripts
cd testing && btest -c btest.cfg
zeek >=4.0.0
A Zeek based Amadey malware detector.
scripts
cd testing && btest -c btest.cfg
zeek >=4.0.0
A Zeek based Amadey malware detector.
scripts
cd testing && btest -c btest.cfg
zeek >=4.0.0
A Zeek based Amadey malware detector.
scripts
cd testing && btest -c btest.cfg
zeek >=4.0.0
A Zeek based Amadey malware detector.
scripts
cd testing && btest -c btest.cfg
zeek >=4.0.0
A Zeek based Amadey malware detector.
scripts
cd testing && btest -c btest.cfg
zeek >=4.0.0
A Zeek based Amadey malware detector.
scripts
cd testing && btest -c btest.cfg
zeek >=4.0.0
A Zeek based Amadey malware detector.
scripts
cd testing && btest -c btest.cfg
zeek >=4.0.0
A Zeek based Amadey malware detector.
scripts
cd testing && btest -c btest.cfg
zeek >=4.0.0
A Zeek based Amadey malware detector.
scripts
cd testing && btest -c btest.cfg
zeek >=4.0.0