General
Target: file.exe
Size: 573KB
Sample: 230206-va5reaeh75
MD5: aafa0e0710664dee2bb3de72cd5c128d
SHA1: 7836e1cb129c9df59f16094257dfb69304d57a5d
SHA256: b56bd5aa875667072ff72fb40d4ca8309d5499a71fd8cb84e312cc78d444400f
SHA512: 112d20928728e5ead629bec24cf4d18496266c453ddd9822b2f938d2deff0e17fc686dd6a9a19fa5874a01f2d5803a9621024b0282be05a8c91b4149fcad8625
SSDEEP: 12288:vMrBy90kbQeVd6mAFrjl/0dtcFEVN0n/tI/UI6X:GyDTVwm+lsdLf0n/jBX
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: file.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
amadey
3.66
62.204.41.4/Gol478Ns/index.php
Targets
Target: file.exe
Score: 10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application