General
-
Target
676ef39158e1eaffe69e93a78820a705c5907603583a1b44d4a46a7b8932e6ab
-
Size
558KB
-
Sample
230206-zna66sfh32
-
MD5
f5f31c967ff4a3f591feeeb82ca1d15b
-
SHA1
8f56814d111ff573574aa99d2642a830ee8a1bb7
-
SHA256
676ef39158e1eaffe69e93a78820a705c5907603583a1b44d4a46a7b8932e6ab
-
SHA512
5884dd1f74bcc2a5461780cf67309e8fa352d1b27bf9c607a10e992564f9344c016f01c767e961eece4fc4ce04d1cd02dd6223b083194247b660003cb9e0be21
-
SSDEEP
12288:NMr9y90TU1x47TcbB2NdbMDsyPysF+2MaTBmNRVCjDeUS1H0D3:IyX1QWqbmsyPbHTBmNRVKDeUS1H0D3
Static task
static1
Behavioral task
behavioral1
Sample
676ef39158e1eaffe69e93a78820a705c5907603583a1b44d4a46a7b8932e6ab.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.5/Bu58Ngs/index.php
Targets
Target
676ef39158e1eaffe69e93a78820a705c5907603583a1b44d4a46a7b8932e6ab
Score
10/10
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-