General
-
Target
file.exe
-
Size
558KB
-
Sample
230206-zd5m2afg75
-
MD5
b26d8fdd312369cdddb8c7a8717ad7ad
-
SHA1
a6dd74a7abc5eef221d6ba2dc6a48c986e9e5baa
-
SHA256
c2953504cc927c80bfd7c37d80e73ff1e2bc1df94dba15118e091c7bbbb78166
-
SHA512
7de34b36a1c275f6bc67cd17729c092a1c51368b2220ae8575ac2b3565178f353b0c4ce8c7bab9dcfa0372535dc4638ac35921b1f907c70066c3ba8cd8e5f770
-
SSDEEP
12288:5MrYy90+5DxjiapbCHsF+qMaTkmNRWZDGOjoWYL4Qag4:xyf5hbnHTkmNRW5GbXkQz4
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
file.exe
Resource
win10v2004-20220901-en
Malware Config
Extracted
amadey
3.66
62.204.41.4/Gol478Ns/index.php
Targets
-
-
Target
file.exe
-
Size
558KB
-
MD5
b26d8fdd312369cdddb8c7a8717ad7ad
-
SHA1
a6dd74a7abc5eef221d6ba2dc6a48c986e9e5baa
-
SHA256
c2953504cc927c80bfd7c37d80e73ff1e2bc1df94dba15118e091c7bbbb78166
-
SHA512
7de34b36a1c275f6bc67cd17729c092a1c51368b2220ae8575ac2b3565178f353b0c4ce8c7bab9dcfa0372535dc4638ac35921b1f907c70066c3ba8cd8e5f770
-
SSDEEP
12288:5MrYy90+5DxjiapbCHsF+qMaTkmNRWZDGOjoWYL4Qag4:xyf5hbnHTkmNRW5GbXkQz4
Score10/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Privilege Escalation