General
Target
bc16d07b5e2c2d275ad3fc2b95dcb7a19ec21107b8972d75b989e1d64fa695a9
Size
573KB
Sample
230206-vhq8zsfa32
MD5
2ef82913f6782c549d2b78be8fd45e48
SHA1
bd08831c1b52cc17b44c3d485a6a0b5f90450785
SHA256
bc16d07b5e2c2d275ad3fc2b95dcb7a19ec21107b8972d75b989e1d64fa695a9
SHA512
e8f778b2cc619332862bfb949e31ad0a1dbc62456127c8753ee80e0c6a65c496a024ab23349cff31dce85ab0257a49b963839983708eae4bf2ef9c822532fa6c
SSDEEP
12288:pMrJy90lfMHfeV2l6Zfxjr7O/0VtEFOrN0n/tUD1VJb:0yOkH2Va6Zfxv7OsVXZ0n/Gl
Static task
static1
Behavioral task
behavioral1
Sample
bc16d07b5e2c2d275ad3fc2b95dcb7a19ec21107b8972d75b989e1d64fa695a9.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.5/Bu58Ngs/index.php
Targets
Target
bc16d07b5e2c2d275ad3fc2b95dcb7a19ec21107b8972d75b989e1d64fa695a9
Score
10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application