General
Target
e2a802f87d7c2f5fd3a0cf0c82de397d9df35e7d05cc163178d4bb0be278f381
Size
574KB
Sample
230206-t5qejaab5v
MD5
d17d145914eaf74f5ff01c87e4973cd6
SHA1
64c56814824b0d1f63e1b1e933eae609f04d3c29
SHA256
e2a802f87d7c2f5fd3a0cf0c82de397d9df35e7d05cc163178d4bb0be278f381
SHA512
85e66196732e9451b419c7d18c14d1bc1f63170f0304f1ef07c05abcf5c5716e6ac786bc9146320e7d22e91cac0f43a86f86a4710e93ad809390e0967d03f897
SSDEEP
12288:JMrIy90msz8SzQ1woKC/05tlFhXN0n/tJ6zzkK:5y2K1whCs5r90n/SzzkK
Static task
static1
Behavioral task
behavioral1
Sample
e2a802f87d7c2f5fd3a0cf0c82de397d9df35e7d05cc163178d4bb0be278f381.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.5/Bu58Ngs/index.php
Targets
Target
e2a802f87d7c2f5fd3a0cf0c82de397d9df35e7d05cc163178d4bb0be278f381
Score 10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application