General
-
Target
d5a4b4ae9d9ac1c6b7baf877c287a3c617cd76789038a8e4edfacdbd30d63294
-
Size
558KB
-
Sample
230207-b23lksca9z
-
MD5
bf2324ca3d2be442a23158e5c80268a2
-
SHA1
65e4e2488ec48e70b7a3b61972e8aee7e94e32ec
-
SHA256
d5a4b4ae9d9ac1c6b7baf877c287a3c617cd76789038a8e4edfacdbd30d63294
-
SHA512
02249f204b255e822a5c81301d24e7abb96ce02ff8869bc6abcb83d1da5e414e01f16931b3d9d7f00471b98bbf48fe3e9772198a62abf71e884fa841fbf41705
-
SSDEEP
12288:xMrvy90Zr4mxm69uobHK8qB19+TCunsOM3uV+Kg:qyYr4mEMuobKYTCunsOZcd
Static task
static1
Behavioral task
behavioral1
Sample
d5a4b4ae9d9ac1c6b7baf877c287a3c617cd76789038a8e4edfacdbd30d63294.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.5/Bu58Ngs/index.php
Targets
-
-
Target
d5a4b4ae9d9ac1c6b7baf877c287a3c617cd76789038a8e4edfacdbd30d63294
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-