General
-
Target
d1091c3d08ec684c7fce5e14428ce1340ab9c5b0f8f66c0581c7572614c84eb2
-
Size
559KB
-
Sample
230207-acy2esbg3s
-
MD5
c0ebe762cd9770136e4298392c48e39e
-
SHA1
f852d8c9f419470b389b793f7235a63af5e32988
-
SHA256
d1091c3d08ec684c7fce5e14428ce1340ab9c5b0f8f66c0581c7572614c84eb2
-
SHA512
d0d88a78c6511986fb700af2a7e0daf1de3918ccb28faa6c58a973bf587090e522c00b8be1b112d803e5c7822ee4ccdecc71447202e0a7a63ce9c39bf3665bd1
-
SSDEEP
12288:ZMrWy90gmSxuGbxhIRoz7e2t+jGW46RqDCj0xVg:7ylI6HI2z70aW46wDVxVg
Static task
static1
Behavioral task
behavioral1
Sample
d1091c3d08ec684c7fce5e14428ce1340ab9c5b0f8f66c0581c7572614c84eb2.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
amadey
3.66
62.204.41.4/Gol478Ns/index.php
Targets
Target
d1091c3d08ec684c7fce5e14428ce1340ab9c5b0f8f66c0581c7572614c84eb2
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-