General
-
Target
file.exe
-
Size
558KB
-
Sample
230206-yys93aba2t
-
MD5
d6a0bc29ba4dede76c3e5eb0cf869c62
-
SHA1
fcdb071a93d1d203345f2c521cd283b04758272f
-
SHA256
d03271c221a288fa02e92d7efb046455da65167b66d83cb6a88868724bdf0fba
-
SHA512
eda766e0d3892e321008ec79ff3d615e77b3de19b21579aa84083a7fd5bc16ac846a57e023370e4f50b32cec4122c75b542ecb4e5b579cd409051e302c1d28b6
-
SSDEEP
12288:IMrjy90swwb2fBgY+e2qdTESak0cBVYG/bPcDAfPvV:7yku2iazaG/Y0fF
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
file.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.4/Gol478Ns/index.php
Targets
-
-
Target
file.exe
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Privilege Escalation