General
Target: 28a0678105bb207a84e0296851286468c832f2a3656a1623cfe04690f1c683bc
Size: 558KB
Sample: 230207-aesx7abg31
MD5: ab167135dca11208133dfbc7c9e537d7
SHA1: 64e52afe283f5fef871792cd7f55302c2cb3734c
SHA256: 28a0678105bb207a84e0296851286468c832f2a3656a1623cfe04690f1c683bc
SHA512: d53ec746f08824cd7ea39aa8a004d540f3dc13430fca58206d0fd3994bc20ad49923892ddad61762b6c60777d1beeb5392768ba573d506013428edf21204d945
SSDEEP: 12288:qMrCy90HZwFGKwo/Gd0qttjGWT6XwTseIDwTKk:QygAw2aaWT6gTswr
Static task: static1
Behavioral task: behavioral1
Sample: 28a0678105bb207a84e0296851286468c832f2a3656a1623cfe04690f1c683bc.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
amadey
3.66
62.204.41.5/Bu58Ngs/index.php
Targets
Target
28a0678105bb207a84e0296851286468c832f2a3656a1623cfe04690f1c683bc
Score: 10/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application