General
-
Target
d0c2216aeefafd217d8a62223a085d761e9c494494cd9bf2cf341d4c0365ce2e
-
Size
558KB
-
Sample
230206-16gx4sbd4v
-
MD5
8feb329fefed8e29713164d7c20c02a2
-
SHA1
b234b92d8915fd002ca8cebd1b8f4458cf5ecca8
-
SHA256
d0c2216aeefafd217d8a62223a085d761e9c494494cd9bf2cf341d4c0365ce2e
-
SHA512
4fb8918c327bd137a36ca54ccdceb57c95460e01369ec1a28027c26f57f2b28e7224534bf34548d85fac67df1cf29ff9f1086d9048f2c543563219e1628dba28
-
SSDEEP
12288:oMrty90ggFHWjyR+C7sF+8MaTDmNRnhZ/WV8V7CBk:Vy7gFHWjmGHTDmNRnhZ/E8V7X
Static task
static1
Behavioral task
behavioral1
Sample
d0c2216aeefafd217d8a62223a085d761e9c494494cd9bf2cf341d4c0365ce2e.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.5/Bu58Ngs/index.php
Targets
-
-
Target
d0c2216aeefafd217d8a62223a085d761e9c494494cd9bf2cf341d4c0365ce2e
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-