General
Target: afcec96b357e86bfc538037b06a1b689c01f778168ccd295bbcaf2ddd251eeec
Size: 558KB
Sample: 230207-be1hpsgg75
MD5: 93341046fdb031bed3bb653619576cd3
SHA1: bbcab870d6a7ee5c3cb0e2f50975a94924b8344a
SHA256: afcec96b357e86bfc538037b06a1b689c01f778168ccd295bbcaf2ddd251eeec
SHA512: faf092716d99ef8c46a63959a715d9ee01b01b0c472b4e5c9d1475f109fb88817cc202a1f2303c1e96363019c5d17c49934a413f27358afab2ffcdd9f1706bfb
SSDEEP: 12288:ZMrPy90tUlYcC6XpBvlO1pCCIZsOQ/xuCSm:qy1lA6XpBvlyICIZsO3m
Static task: static1
Behavioral task: behavioral1
Sample: afcec96b357e86bfc538037b06a1b689c01f778168ccd295bbcaf2ddd251eeec.exe
Resource: win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.5/Bu58Ngs/index.php
Targets
Target: afcec96b357e86bfc538037b06a1b689c01f778168ccd295bbcaf2ddd251eeec
Score: 10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL

Adds Run key to start application