General
-
Target
7744db05c54d72ead6b12e2e70cf62485e401de4138cebb830b3b82a050aa636
-
Size
574KB
-
Sample
230206-vrracafa63
-
MD5
1867e26631172eaf52e8b16d68e9bd4c
-
SHA1
93ff6b0f9ff10bf8b4da32b8ca687e2a4d18a775
-
SHA256
7744db05c54d72ead6b12e2e70cf62485e401de4138cebb830b3b82a050aa636
-
SHA512
4f413b87f37cf1bb11023f6841d94ecff032a72e6adbce08fc70397fe327a1c085b77fbcc5f091e9993bc27e1cf2c7eff241fef7d0687ae9ed24af725163efbc
-
SSDEEP
12288:eMrxy90vyVCdNMYKuwWV/0ZtsF0/N0n/t1L11us:vybVYNtgWVsZXF0n/is
Static task
static1
Behavioral task
behavioral1
Sample
7744db05c54d72ead6b12e2e70cf62485e401de4138cebb830b3b82a050aa636.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.5/Bu58Ngs/index.php
Targets
-
Target
7744db05c54d72ead6b12e2e70cf62485e401de4138cebb830b3b82a050aa636
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-