General
Target: c8507ae7aa7bd193e8b2fdc260edbd73813a48a7f6bf34f0b3025085a52e36bf
Size: 558KB
Sample: 230206-3qmvjabf3t
MD5: b584080f6003aa0d45c1cb2e8e53b4c7
SHA1: c64d7b3589b849f9c4f68f5f6e3a7f68d046648b
SHA256: c8507ae7aa7bd193e8b2fdc260edbd73813a48a7f6bf34f0b3025085a52e36bf
SHA512: e25dd1f548243fa56c96d93fecb74bc58fef9374131eb641b90d70f2f605a58791b2eda049dfa29ed4eec4dc65c853b883db68eba7987ae5c33cb6545184bae5
SSDEEP: 12288:3Mrhy90KhNC3peDlR3xqjjcRG00xLR0Ehwl:Ky/NC3a73xqj+0xNgl
Static task: static1
Behavioral task: behavioral1
Sample: c8507ae7aa7bd193e8b2fdc260edbd73813a48a7f6bf34f0b3025085a52e36bf.exe
Resource: win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.4/Gol478Ns/index.php
Targets
Score: 10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application