General
-
Target
bf4324c2f92b552091ddc2c77afa0cb9cab20d731676d19e0155ce59f108f219
-
Size
558KB
-
Sample
230207-a6ybzsbh4z
-
MD5
46ea981dc5e7db688fa33d6a3ab27853
-
SHA1
cc3957e02ad13cc1ece8deb6ce437d0669e46888
-
SHA256
bf4324c2f92b552091ddc2c77afa0cb9cab20d731676d19e0155ce59f108f219
-
SHA512
afa7de6aa5c30fe81f0baeeafe0f5a21d0e6fc54bcbc4e6591d30ac7fc9bca810ac098177e23ebcb4044385dfcaceaf4a25a016a6c5c90610a078d152ac411b3
-
SSDEEP
12288:IMr0y90C9xQtrpTsj2RCaRsOiQXoykpJV4PMh:MyR9kpJCaRsO/oxV8Mh
Static task
static1
Behavioral task
behavioral1
Sample
bf4324c2f92b552091ddc2c77afa0cb9cab20d731676d19e0155ce59f108f219.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.5/Bu58Ngs/index.php
Targets
Target
bf4324c2f92b552091ddc2c77afa0cb9cab20d731676d19e0155ce59f108f219
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-