General
-
Target
eec701fc47dd77af507a1212f6476f88a8eb6640b12cafc0766e27fffb6269bb
-
Size
558KB
-
Sample
230206-xy1tgaaf9y
-
MD5
2df562eb985577dfdc05d2cb0f4c92cb
-
SHA1
beeed0bdf1e284c96c68c68cd866343a827c3956
-
SHA256
eec701fc47dd77af507a1212f6476f88a8eb6640b12cafc0766e27fffb6269bb
-
SHA512
99f5e3d49f1b0722fb962bc068d4ff13dcf09c0ca8b06313fc26f5d006df7f469e09e97a48ab3567e2266b01d4d691832c38e8886bc3da4580fd50201fc4683e
-
SSDEEP
12288:OMr1y90+DKHQcqpQ1OKwvWZUK6uYCv8TM53VpaNj+bVqKthmh72irO:jyhWwHpxv6DHv87y3O27
Static task
static1
Behavioral task
behavioral1
Sample
eec701fc47dd77af507a1212f6476f88a8eb6640b12cafc0766e27fffb6269bb.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.4/Gol478Ns/index.php
Targets
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-