General
-
Target
ff67aa4c939a125ce32132a7ec54056eedd315652b8718e8707332086a0c9f3c
-
Size
557KB
-
Sample
230207-alrzgabg7s
-
MD5
3785da9e1c34fe5f28b65276c99bbac7
-
SHA1
1144d0040a87346ba63abaf8dd0be40b05ad297d
-
SHA256
ff67aa4c939a125ce32132a7ec54056eedd315652b8718e8707332086a0c9f3c
-
SHA512
67ca295e751c2bc0da1f6666ade94dc105f5a7a902c4924099bfb437848bb5592de3f77638cefa9f67876f07b6e59921c9382c7d2a05b63fcf87099d22d09b5d
-
SSDEEP
12288:wMrky90I64dRVQGlFFclstKCeDsOkfz4jw2n0:Eyy4XVZ3ultCeDsOmqt0
Static task
static1
Behavioral task
behavioral1
Sample
ff67aa4c939a125ce32132a7ec54056eedd315652b8718e8707332086a0c9f3c.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.4/Gol478Ns/index.php
Targets
-
Target
ff67aa4c939a125ce32132a7ec54056eedd315652b8718e8707332086a0c9f3c
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-