General
Target
95ef7202e32be68447f57bf2f1f5f4c1ca4b5404f293145621f9a0bd94b0a2cb
Size
558KB
Sample
230206-3glk4sgd38
MD5
d7060ee32e3a8cbcd13f953387995ff8
SHA1
ddaebe1b11f77b102c14e7bdcb84c79da5ef39b9
SHA256
95ef7202e32be68447f57bf2f1f5f4c1ca4b5404f293145621f9a0bd94b0a2cb
SHA512
a881a49c5102378bac95b4abbd13c1ec397b518611f764538b54a978c5c878acd9197628b88c4c3993b39d19be5dc0b395be97c5b221117f9d1fdf31bb0555e9
SSDEEP
12288:NMrty903cc027RvYACB95sF+mMaTomNRK7lPDmuVmnW:Yybc027RwACBgHTomNRK7VauwW
Static task
static1
Behavioral task
behavioral1
Sample
95ef7202e32be68447f57bf2f1f5f4c1ca4b5404f293145621f9a0bd94b0a2cb.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.4/Gol478Ns/index.php
Targets
Target
95ef7202e32be68447f57bf2f1f5f4c1ca4b5404f293145621f9a0bd94b0a2cb
Score
10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application