General
Target: Amadey_.exe
Size: 380KB
Sample: 221219-t21fbsae61
MD5: f2d6b29a92a7f81177de29db386d02ad
SHA1: 4844a414ca19c97111cf312ba5f9bb38c30fe7e2
SHA256: 6740f7b9a8d5c30d4aed27572b6c77513b245332550e619b5b127a4d42bfa5db
SHA512: 4c67d19945047af9883d063c5cb007dc0befdbf9ed1fc32b55b2270624fc33f9aeed384b319f8c487d1df0242f33dfa6926c0567c8afd13aa28513fb5f008c62
SSDEEP: 6144:sXQI6LRACrMpPBRGkNNk4uAL1Ut/kBQ0+LTHW/x3H59uRjMgU:sg5VrM9nu4u01akBMv2bwRQg
Static task: static1
Behavioral task: behavioral1
Sample: Amadey_.exe
Resource: win7-20220812-en
Malware Config
Extracted
amadey
3.50
77.73.134.66/v7eWcjs/index.php
Targets
-
-
Target
Amadey_.exe
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-