General
-
Target
080205bb816be064f909111d3225ab5061ce7b15d3ec5b4dac8db64369dbc5cf
-
Size
558KB
-
Sample
230206-y6cx2sba41
-
MD5
5312e1af33c01d9c345b52ec77b9a4cd
-
SHA1
008f34a877c86309190229eb525da065d15f1e7a
-
SHA256
080205bb816be064f909111d3225ab5061ce7b15d3ec5b4dac8db64369dbc5cf
-
SHA512
24a0b396e1a73802cec87064f7bf0c48a66ec19f0996c270b6c1213fcd92779de9de023a67ebfe2ae18e5bf9cb107350c95433d28d9fc97f0a12a3cd2642d92e
-
SSDEEP
12288:UMrKy90/s9QhNBluBsF+mMaTomNRKsgonD:2yes9QhLZHTomNRKsJ
Static task
static1
Behavioral task
behavioral1
Sample
080205bb816be064f909111d3225ab5061ce7b15d3ec5b4dac8db64369dbc5cf.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
amadey
3.66
62.204.41.5/Bu58Ngs/index.php
Targets
-
-
Target
080205bb816be064f909111d3225ab5061ce7b15d3ec5b4dac8db64369dbc5cf
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-