General
-
Target
27cf2225f63642c5762ec385d0b6a597aea4aceb666ac1be295161862834bedf
-
Size
558KB
-
Sample
230206-wy3sdsae3y
-
MD5
481871b320c74084096437e5df54b7b2
-
SHA1
b00e92308400a56d2d22cf782b2f974d054ebf6c
-
SHA256
27cf2225f63642c5762ec385d0b6a597aea4aceb666ac1be295161862834bedf
-
SHA512
7867bdfc4e81b81b156d05b9bf334e2b41c96356efeab17c3cc4fcbaa511bef42e2a92cb2382c421e2e9969b3f667c72f4c6488adf7cb4ad21fb35f3c247df82
-
SSDEEP
12288:IMr0y90OwFfC/LZVs8tsMdx7YiXmqGshLp:cy/DlVs8tLrkiWPshF
Static task
static1
Behavioral task
behavioral1
Sample
27cf2225f63642c5762ec385d0b6a597aea4aceb666ac1be295161862834bedf.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.4/Gol478Ns/index.php
Targets
-
Target
27cf2225f63642c5762ec385d0b6a597aea4aceb666ac1be295161862834bedf
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application