General
-
Target
b6aeb75f7184e469f1f5db6d99166d16dae1216c45b44803d2c8cac3a7a0f0e3
-
Size
577KB
-
Sample
230206-sc6qdaee42
-
MD5
34a2338004e8491d3ba18ba74170ead6
-
SHA1
835f9fc8c3fee08832ad93014d86a018daa09f31
-
SHA256
b6aeb75f7184e469f1f5db6d99166d16dae1216c45b44803d2c8cac3a7a0f0e3
-
SHA512
3a72cf0db2e1accf1315edc467f4ac1c55801b9414d6c38724e258d1dd3bf397bc75d0d04eddfa9f4fe10228f45f61123f8d79c86a33c9c5e8e6b023370bc7e6
-
SSDEEP
12288:VMrZy90dEFguA20V0OOZ9zIVnDFVKqGUTviZ0fy+n7UdFb:kywggu4VOZZExGu60fv7UdFb
Static task
static1
Behavioral task
behavioral1
Sample
b6aeb75f7184e469f1f5db6d99166d16dae1216c45b44803d2c8cac3a7a0f0e3.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.5/Bu58Ngs/index.php
Targets
Target
b6aeb75f7184e469f1f5db6d99166d16dae1216c45b44803d2c8cac3a7a0f0e3
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-