General
Target
8d885cc4576bfaad672aff8db87b821f5516a0546615e108ba953f0a5075ef89
Size
558KB
Sample
230206-w1xzxsae4y
MD5
1ff5742bd73ea24a402a0ffb8a0b4833
SHA1
d757a034576c2b285f92fd230b2173b2fbda6910
SHA256
8d885cc4576bfaad672aff8db87b821f5516a0546615e108ba953f0a5075ef89
SHA512
fbb4fbd7f2539cffbeb5d7c0d5c4748b6f350957c439d2a4c56f2dba7190a2fa365d83e522cb4f3d10360a8e5841e86dbfe9f9966e0dfc2b3d9a6bbc345af647
SSDEEP
12288:wMrEy90ygaG7kAz/QFsMdx7IidmqkK71Y5U1:ky7gaGAG/mLrkiIJKh
Static task
static1
Behavioral task
behavioral1
Sample
8d885cc4576bfaad672aff8db87b821f5516a0546615e108ba953f0a5075ef89.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.5/Bu58Ngs/index.php
Targets
Target
8d885cc4576bfaad672aff8db87b821f5516a0546615e108ba953f0a5075ef89
Score
10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application