General
-
Target
c68e226cd48729e26e3bdacafb5fcb891729d81f3540bb29f2930b1dc0a74215
-
Size
573KB
-
Sample
230206-v5xpaafa97
-
MD5
582eb45c065f72f6883637d9b4230168
-
SHA1
4b06e363807428bfe522b2dfbadaa2b4733ca750
-
SHA256
c68e226cd48729e26e3bdacafb5fcb891729d81f3540bb29f2930b1dc0a74215
-
SHA512
d254daae5d279ce6b5d218f37ef0b23002edf5138d2c102d8e5f82b0111c454045995ef7eb6db89d453f1dc706b34c10e89350cc6a4f772b5f3d372390260226
-
SSDEEP
12288:KMr0y90yzR8VnnxjphwHH/0dtBFh2N0n/tj+5LRxPPOot:GyF4T4sdf00n/8LRtOot
Static task
static1
Behavioral task
behavioral1
Sample
c68e226cd48729e26e3bdacafb5fcb891729d81f3540bb29f2930b1dc0a74215.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
amadey
3.66
62.204.41.5/Bu58Ngs/index.php
Targets
Target
c68e226cd48729e26e3bdacafb5fcb891729d81f3540bb29f2930b1dc0a74215
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-