General
-
Target
eb72f6af63e419634d3e61a4506a8a6c45ba88a0e14fff5ace05e4aad67df70b
-
Size
558KB
-
Sample
230206-xt7ffsfd75
-
MD5
0d381b2a947ff7cc76d5ca075abd895e
-
SHA1
d2d36c70ddf9c3701860e466b57f76ca27df4748
-
SHA256
eb72f6af63e419634d3e61a4506a8a6c45ba88a0e14fff5ace05e4aad67df70b
-
SHA512
002552a9ac8adab724bcddc63a552ae702ecd881ad15436334c2ac02fefbc481c96c3fdc2739bbf0732d8a74152dea027d175084e8036a3f012987bb3c811071
-
SSDEEP
12288:EMrEy90E1Rjs4K+DrbwINbY8UK6uYCvmTC53VpagC+bVnKbBeZ:Iy3O4L/BhDHvu0VqBeZ
Static task
static1
Behavioral task
behavioral1
Sample
eb72f6af63e419634d3e61a4506a8a6c45ba88a0e14fff5ace05e4aad67df70b.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.4/Gol478Ns/index.php
Targets
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-