General
-
Target
cbd1724763e023c4d9548651222441a77da6b15cbca472ff3079bacb3096b85a
-
Size
558KB
-
Sample
230206-1zgnrsgb35
-
MD5
0ef9b5b427052de10e8040e7f683093e
-
SHA1
f5ae009af0e5d932f405caa27d22aab065b853a9
-
SHA256
cbd1724763e023c4d9548651222441a77da6b15cbca472ff3079bacb3096b85a
-
SHA512
878d3629fee4962bd73daacbee7e5afc8bb7136d63c15e6cf96a415855742f9085f95341677a9491270fbebcf10dc30e960eee64604d13594f569d5faf8c3c69
-
SSDEEP
12288:PMrMy90alv3Z1ojhg1KWsF+qMaTkmNRWYOjoWYL4QagZ:Lyx/nojXHTkmNRWYbXkQzZ
Static task
static1
Behavioral task
behavioral1
Sample
cbd1724763e023c4d9548651222441a77da6b15cbca472ff3079bacb3096b85a.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.4/Gol478Ns/index.php
Targets
-
-
Target
cbd1724763e023c4d9548651222441a77da6b15cbca472ff3079bacb3096b85a
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-