General
-
Target
7dc4ab0741f39750101523fee3e05e4c9127b4bda4e2c9faa38701519e74013d
-
Size
574KB
-
Sample
230206-wfzb9afb66
-
MD5
f0200ad23bb2ad25807ba6e841826635
-
SHA1
2a89b71a583871820bc8d3a8d5bcfdda79261c2b
-
SHA256
7dc4ab0741f39750101523fee3e05e4c9127b4bda4e2c9faa38701519e74013d
-
SHA512
d0c4198611a1973ce5eefdfffa5f454c8b4555100aed32aeb850148a1ca1c88cd3c32feef31a2d9b15a2541b34439cf6c7566bc68885fdad0b977cdecaa6ff2c
-
SSDEEP
12288:+Mrfy90w4ya7xT2ERjKw5aLFJv/09tfFLaN0n/t+uZdnU:JyNAxyERjLi1s9/w0n/NZdU
Static task
static1
Behavioral task
behavioral1
Sample
7dc4ab0741f39750101523fee3e05e4c9127b4bda4e2c9faa38701519e74013d.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.4/Gol478Ns/index.php
Targets
Target
7dc4ab0741f39750101523fee3e05e4c9127b4bda4e2c9faa38701519e74013d
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-