General
Target: e4cc949eba24b9cc1238b81ad8605df426d3b0e30a20db8452d3b09ff19e3c8d
Size: 558KB
Sample: 230207-aswk8sbg8z
MD5: 77943c4f695e46cc74de70d6f9a10a3b
SHA1: 7a9764e5a6c3fe1b15f3ee6d511f8a4c515fd207
SHA256: e4cc949eba24b9cc1238b81ad8605df426d3b0e30a20db8452d3b09ff19e3c8d
SHA512: bd7ffb7657968b102e3a27ce79d0331048dd4ecf2954cd3cb643eed3edfe66f5ead71b70b33ee55e52603c926dcb477b16e2af91673bc12639473216f53687da
SSDEEP: 12288:zMrry90VOuvSAEHoeQ35wCS/sOQtCrIG:kyASbHRQ3qCS/sOyCrIG
Static task
static1
Behavioral task
behavioral1
Sample
e4cc949eba24b9cc1238b81ad8605df426d3b0e30a20db8452d3b09ff19e3c8d.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.5/Bu58Ngs/index.php
Targets
Score: 10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application