General
-
Target
c327a2c9bf1d1d1a8d77a6527aefee7d99e30f38c01ee7b339a092f147f458c5
-
Size
558KB
-
Sample
230206-3aqaqagd26
-
MD5
20e9d901b7f052ae522fd209637baf4a
-
SHA1
e25bc0beb6c13f40517be23ea995dd23f4eca3d1
-
SHA256
c327a2c9bf1d1d1a8d77a6527aefee7d99e30f38c01ee7b339a092f147f458c5
-
SHA512
9e5cd5ecae1f5e47eb62032b21170a977f2cfe7559f7e15259693ee16c75dfc7b4fa89f586300be23e32d4cf84c1cbed79f6b46bd68af55057c88d47cc7e8424
-
SSDEEP
12288:aMrVy90SUrgSHQqTcWlCsF+GMaTSmNR4jq9na3t7OTY8O:HyxSH53lbHTSmNR4uZa3t7N8O
Static task
static1
Behavioral task
behavioral1
Sample
c327a2c9bf1d1d1a8d77a6527aefee7d99e30f38c01ee7b339a092f147f458c5.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.5/Bu58Ngs/index.php
Targets
Target
c327a2c9bf1d1d1a8d77a6527aefee7d99e30f38c01ee7b339a092f147f458c5
Score
10/10
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-