General
-
Target
ebad5d2fea3e494ed0920deeff35f700c215e414bc72a7a3dd1f91bd7df1c01a
-
Size
558KB
-
Sample
230206-3cqz2abe8s
-
MD5
39f708b9a9d34e06ce186ba97b6c5c7b
-
SHA1
7b1fb50c5973cf6c9c2d640614803aa8b507f895
-
SHA256
ebad5d2fea3e494ed0920deeff35f700c215e414bc72a7a3dd1f91bd7df1c01a
-
SHA512
131cf9f82734f6491342b97b8cd10f38693c97650b8984b514fc817961faa5bf164ebf6da52e5e18ed618e215fcb9e5f68ae05859ab0ec5778702127d05e4277
-
SSDEEP
12288:pMrDy90rP6RhcEMXYlP/sF+2MaT7mNR9tfS8aD:ey1hcEJlYHT7mNR9NS8a
Static task
static1
Behavioral task
behavioral1
Sample
ebad5d2fea3e494ed0920deeff35f700c215e414bc72a7a3dd1f91bd7df1c01a.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.4/Gol478Ns/index.php
Targets
-
-
Target
ebad5d2fea3e494ed0920deeff35f700c215e414bc72a7a3dd1f91bd7df1c01a
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-