General
-
Target
ea1ca13cb3303882a6dd44f39831f173e509682f346065d8e006c443df2b536f
-
Size
558KB
-
Sample
230206-1jgzlabc3x
-
MD5
3abd2ff45e6558f8a492273c0f4fe8d9
-
SHA1
1f5958f6a650c28784a28ea970178055cb491070
-
SHA256
ea1ca13cb3303882a6dd44f39831f173e509682f346065d8e006c443df2b536f
-
SHA512
36be767f23c5ce51fbb366df27ca4fa393e1ff12289b2eb07f63fc9f196976860604e6ab9a03da2099bf74ac539e852c5e357cc1029c8bfd69ce53d95533a6dd
-
SSDEEP
12288:lMryy90afkXidJexjy+L1MfAZCsF+KMaT0mNRKwMb/ivsDug:jyNsXidJexjy+UAZfHT0mNRK3bav61
Static task
static1
Behavioral task
behavioral1
Sample
ea1ca13cb3303882a6dd44f39831f173e509682f346065d8e006c443df2b536f.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.5/Bu58Ngs/index.php
Targets
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-