General
-
Target
4a6654ffa747fe8df813d848e598b2f53d5455c718c2873a3fdb779b212e59d2
-
Size
558KB
-
Sample
230206-1gfczsbc2x
-
MD5
8754da2e405604e4da720a5a33a9cd98
-
SHA1
55cc907f511bc9395bb2f9dd329c759bcc2915d9
-
SHA256
4a6654ffa747fe8df813d848e598b2f53d5455c718c2873a3fdb779b212e59d2
-
SHA512
0c6177d7aa897504dac887673b98cbe06b2049bf23a1189b0380f49fd8874e0044061c836f2386ce04ce1e959102931f26a14a44e687985c8f96f587bee5e682
-
SSDEEP
12288:7Mrny90opC53/VE4ziljdCCbrrwsF++MaT8mNRqEld+Dg:oyjWW4ubPdHT8mNRqEldSg
Static task
static1
Behavioral task
behavioral1
Sample
4a6654ffa747fe8df813d848e598b2f53d5455c718c2873a3fdb779b212e59d2.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.4/Gol478Ns/index.php
Targets
Target
4a6654ffa747fe8df813d848e598b2f53d5455c718c2873a3fdb779b212e59d2
Score
10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application