General
-
Target
5cb07c79c2ba5c1294709acf3a3452251529600b4d61b51264f212c2c13480ed
-
Size
574KB
-
Sample
230206-t9rhdseh69
-
MD5
37a08da112329a5622c949b94a78fdda
-
SHA1
fdb00d4c0a1742a9526fd4b2cc0c207c954ea9a5
-
SHA256
5cb07c79c2ba5c1294709acf3a3452251529600b4d61b51264f212c2c13480ed
-
SHA512
fa4d14212c61a55bafb143fb8911137eb3a77c64bf38d68bdadc96b067a8d2044f47d0d19f461dba528d68dbc1e1b227134a11a53f13526a12e8b688cb353f64
-
SSDEEP
12288:DMrRy90hAEV1AO+C5sRqFKKK/0xt2FaUN0n/tpq0CfYA4A6d:yyq5bvczsxDu0n/W0RBd
Static task
static1
Behavioral task
behavioral1
Sample
5cb07c79c2ba5c1294709acf3a3452251529600b4d61b51264f212c2c13480ed.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.5/Bu58Ngs/index.php
Targets
Target
5cb07c79c2ba5c1294709acf3a3452251529600b4d61b51264f212c2c13480ed
Score
10/10
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-