General
-
Target
eb1b2acd05af32e55983a6dbc65208c293fc607e4929349dd17216e5743401d4
-
Size
558KB
-
Sample
230206-1vjybsga95
-
MD5
2030c1b42599e47793ee2e88c88e2c70
-
SHA1
99b1e254fb19adb8a81d172949f3baee834017ca
-
SHA256
eb1b2acd05af32e55983a6dbc65208c293fc607e4929349dd17216e5743401d4
-
SHA512
d0c9d4d7523d8a8c2b735ac66dce6afe2d9447a62d66066f4884f6cffc09126723569c5d194452a508bdcba0aacdee14438a4a5fe765e414e723098f71ea1376
-
SSDEEP
12288:KMr0y90GlRiQBAT/fDsF+gMaT0mNR+BJqz:WyplRrw3iHT0mNR+Lm
Static task
static1
Behavioral task
behavioral1
Sample
eb1b2acd05af32e55983a6dbc65208c293fc607e4929349dd17216e5743401d4.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.4/Gol478Ns/index.php
Targets
-
-
Target
eb1b2acd05af32e55983a6dbc65208c293fc607e4929349dd17216e5743401d4
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-