General
-
Target
a8e530b8b7affb0c5e671a3c6d0d8aa1f21d682c6f062e75894d678ac5ca4995
-
Size
578KB
-
Sample
230206-sq44psee93
-
MD5
ef59243235f057ce2f0947df4c42ed2d
-
SHA1
2671b97822c13f0357074ddce18a91efa66735ca
-
SHA256
a8e530b8b7affb0c5e671a3c6d0d8aa1f21d682c6f062e75894d678ac5ca4995
-
SHA512
4a5edc1d78b7206d7689ccfca379f48c85a7612490d463ccee9f7e4118da52c6b8f378d6dbfcd0a83fe9cadd68bdbafd0a85b0524fae5d6150110b30c5a1bd4a
-
SSDEEP
12288:aMriy90+qwf2ngqX2FVAqGUbviKK7o6g7167:oyJ+m7GW9Uic
Static task
static1
Behavioral task
behavioral1
Sample
a8e530b8b7affb0c5e671a3c6d0d8aa1f21d682c6f062e75894d678ac5ca4995.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.5/Bu58Ngs/index.php
Targets
-
-
Target
a8e530b8b7affb0c5e671a3c6d0d8aa1f21d682c6f062e75894d678ac5ca4995
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-