General
-
Target
b45671e0e9c665d84728fe69190103fa223888998b048fb3845a43de060ca80e
-
Size
558KB
-
Sample
230206-xm4qzsaf4v
-
MD5
e74ebd7dbb48ae2070847cd6dafbc0c1
-
SHA1
04244f94f28ac3b718d46b1ae125f637b70eaf07
-
SHA256
b45671e0e9c665d84728fe69190103fa223888998b048fb3845a43de060ca80e
-
SHA512
166e4fc30b1d7f3f300475c39dea497e2048e77476b2744b9774b920d229f21dc9c667dd3c350c10b72218642711ccd02cb33c1015cd198d7494fac71fbfc2d9
-
SSDEEP
12288:RMrRy90z/PamR5AqwE8QzUK6uYCvyTK53Vpa8a+bVJKOds/l7:EyC/PH5AqwmDHvC4dpQ
Static task
static1
Behavioral task
behavioral1
Sample
b45671e0e9c665d84728fe69190103fa223888998b048fb3845a43de060ca80e.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.5/Bu58Ngs/index.php
Targets
-
-
Target
b45671e0e9c665d84728fe69190103fa223888998b048fb3845a43de060ca80e
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-