General
-
Target
a065e851ffb3993d78853cf334b3f3c321737991335c353a8e198247a80742cc
-
Size
574KB
-
Sample
230206-tpt3saeg66
-
MD5
e7b0092b3f6b863bd89584fa0b6ae616
-
SHA1
30dc07b83ecc2a0c8404c915162130861d8eabdc
-
SHA256
a065e851ffb3993d78853cf334b3f3c321737991335c353a8e198247a80742cc
-
SHA512
fc91e55f4b4823c85ad59a314fece2ed785a20f60aea74d4ab11e21defa95a7993e8c2124ed93fc260a759fb7624592cc132f10cc7c62688e4f84389bfe14047
-
SSDEEP
12288:fMrEy90SceO8JFPhdoJuJWKOeAUOH7yCf6QQlU7Y8h:ryvceFddopkA3HZfP9jh
Static task
static1
Behavioral task
behavioral1
Sample
a065e851ffb3993d78853cf334b3f3c321737991335c353a8e198247a80742cc.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.4/Gol478Ns/index.php
Targets
-
-
Target
a065e851ffb3993d78853cf334b3f3c321737991335c353a8e198247a80742cc
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-