General
Target: a3a17552a29a08c64d933fbf3bb05aa194359002cf09cd3e87eb5cb42a68e0fb
Size: 574KB
Sample: 230206-v1vn5aac7s
MD5: e75db36b2065d2f19e3960b0f0096fa4
SHA1: c2787a00797591eecab0a7ed20afde61c2375456
SHA256: a3a17552a29a08c64d933fbf3bb05aa194359002cf09cd3e87eb5cb42a68e0fb
SHA512: 9ca812868b4eb2d3d72ff0241f52ccf94b64afde338f2edab8cf15bec45048171dda0d33e995b58fc3e658953d5e7c74b1cc3527489ce0ae3e548355adb0fc46
SSDEEP: 12288:vMr+y90EQSVxD7v0e06NI/0ttbF7mN0n/tXEHc3nFmRa8:xybjVB7MkNIstXk0n/kQoT
Static task: static1
Behavioral task: behavioral1
Sample: a3a17552a29a08c64d933fbf3bb05aa194359002cf09cd3e87eb5cb42a68e0fb.exe
Resource: win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.5/Bu58Ngs/index.php
Targets
Target: a3a17552a29a08c64d933fbf3bb05aa194359002cf09cd3e87eb5cb42a68e0fb
Score: 10/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application