General
Target
479bf5a468d6dd392ef21003b63c883eee2cfb97a2b31b14e2ca45600fad6758
Size
558KB
Sample
230206-z8c69sfh74
MD5
4ecca0f23ba2296cda4b4d04e5aa2db5
SHA1
2e5f439a4d868dd6ccf07c43ab51e754ec8a796e
SHA256
479bf5a468d6dd392ef21003b63c883eee2cfb97a2b31b14e2ca45600fad6758
SHA512
821e730b042eb0b8abb34d1bbf52bb057b15a21a8f541601856c987aa4003fb9be49a3040e13786d1f58ef55f4889cbd118c9c44f74747152f665ac862732cbe
SSDEEP
12288:3MrWy90bNdAZZ8TlFsF+OMaTPmNRbFL6xtOjurAQU:dyKNmZaTlqHTPmNRbFwEjeAd
Static task
static1
Behavioral task
behavioral1
Sample
479bf5a468d6dd392ef21003b63c883eee2cfb97a2b31b14e2ca45600fad6758.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
amadey
3.66
62.204.41.4/Gol478Ns/index.php
Targets
Target
479bf5a468d6dd392ef21003b63c883eee2cfb97a2b31b14e2ca45600fad6758
Score
10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application