General
Target
540fb5d1565b258ba0658a88bcb68345892643e69b7cef1c46091f7627cbd867
Size
558KB
Sample
230206-2qlrssgc49
MD5
0fc9830e108b8ec33ce358b37e260f6e
SHA1
356e2850903485f2f2eae04de6f8d312b0f806f8
SHA256
540fb5d1565b258ba0658a88bcb68345892643e69b7cef1c46091f7627cbd867
SHA512
aaf50786389c4054224fcac177126b2d7e8ccf9c91dac4aea90b6d9c15d84798778ab6589481782b6234a2c94f26643d237f24dcb312b24709807074ac1c524a
SSDEEP
12288:pMrNy90My73qzBCb7NIPsF+gMaTimNRUoLX5r3:ky5y72gHlHTimNRUodr3
Static task
static1
Behavioral task
behavioral1
Sample
540fb5d1565b258ba0658a88bcb68345892643e69b7cef1c46091f7627cbd867.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.4/Gol478Ns/index.php
Targets
Score: 10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application