General
-
Target
4d4fa36151d3330036cdae11a434af0b5e5cc3403f60c15d968561fd3c41e9a7.exe
-
Size
218KB
-
Sample
220517-yh2lhabddm
-
MD5
a9c62f3c2b7bf88433746c06a7196a92
-
SHA1
020c23eb4a3a4df8c6c1e5450127fa9383095378
-
SHA256
4d4fa36151d3330036cdae11a434af0b5e5cc3403f60c15d968561fd3c41e9a7
-
SHA512
342aed8d60985831565fdaffb3d02243fb64caa9bdcc93f6114378ca99513ef4f03289d6988a5e85c7d1dd351fea352fb65b0f65893df52837574311a51b2e80
Static task
static1
Behavioral task
behavioral1
Sample
4d4fa36151d3330036cdae11a434af0b5e5cc3403f60c15d968561fd3c41e9a7.exe
Resource
win7-20220414-en
Malware Config
Extracted
amadey
3.08
190.123.44.195/d2VxjasuwS/index.php
Targets
-
-
Target
4d4fa36151d3330036cdae11a434af0b5e5cc3403f60c15d968561fd3c41e9a7.exe
-
Size
218KB
-
MD5
a9c62f3c2b7bf88433746c06a7196a92
-
SHA1
020c23eb4a3a4df8c6c1e5450127fa9383095378
-
SHA256
4d4fa36151d3330036cdae11a434af0b5e5cc3403f60c15d968561fd3c41e9a7
-
SHA512
342aed8d60985831565fdaffb3d02243fb64caa9bdcc93f6114378ca99513ef4f03289d6988a5e85c7d1dd351fea352fb65b0f65893df52837574311a51b2e80
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Accesses Microsoft Outlook profiles
-