General
Target: b3dc9d4f17df96d93ee80f8532b585dcff3de33693025d9c57294535ebe9145b
Size: 585KB
Sample: 230206-n2w51sdg44
MD5: 804bf0b2a6205f8fffbd9017d21a9d00
SHA1: 8d11730722f676ac03d6d106175b093c9aab1cdb
SHA256: b3dc9d4f17df96d93ee80f8532b585dcff3de33693025d9c57294535ebe9145b
SHA512: bc46810bd5c31a5edcf222e8a1d59c9d4d315fcba4d4438bb302d142baf6466606d823039932bfacb2584b75349c4924286674b755d88231c3b99c17189f70e2
SSDEEP: 12288:EMrby90hBDOXDiavbZNf0QbNO9Ay5PKiI8WPG2rPTIMrnlj:PyiKbf0QRO9AKKj8W+erIMrnlj
Static task: static1
Behavioral task: behavioral1
Sample: b3dc9d4f17df96d93ee80f8532b585dcff3de33693025d9c57294535ebe9145b.exe
Resource: win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.4/Gol478Ns/index.php
Targets
Score: 10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application