General
Target
aca71960192a8fb23e07ece5b076cf593c4fc8b44214318eb79a75ebd243c1e2
Size
558KB
Sample
230206-2cf96agb75
MD5
39b1c1df2d4e1c512b40def54038a2e7
SHA1
fce6b4b0180966b01cd75c6855e14a9511adc50b
SHA256
aca71960192a8fb23e07ece5b076cf593c4fc8b44214318eb79a75ebd243c1e2
SHA512
f651fe17af46753b51461ce2a8b5b9ebfc236aef9a77b8c9c32a6f0c715d69ea1829d505d1c0f53fd8ebc5efd3b7d2afbc0482d2b35a84f185974844546eaf9a
SSDEEP
12288:IMrgy90i7Ixu1ep24SsF+6MaTQmNRWAZOCI+Tj:oyxh0p2KHTQmNRWADzTj
Static task
static1
Behavioral task
behavioral1
Sample
aca71960192a8fb23e07ece5b076cf593c4fc8b44214318eb79a75ebd243c1e2.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.4/Gol478Ns/index.php
Targets
Target
aca71960192a8fb23e07ece5b076cf593c4fc8b44214318eb79a75ebd243c1e2
Score
10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application