General
Target: e695f4f648e333cc55478ace0255af9557ce485cb7eca74241aff7e8a66443a1
Size: 558KB
Sample: 230207-bq1ylsca5y
MD5: d3f3663dcdb5245a5210765853f68665
SHA1: feaf24fc67b6c2517f943aba882c9debd2116ddf
SHA256: e695f4f648e333cc55478ace0255af9557ce485cb7eca74241aff7e8a66443a1
SHA512: e29695d34b232041bef864c3c79c2e6dcaed742ea799e23adcb1cd27420d5c1533d23b370df63ce106262b40d0cb9c937662d201dacfbe8fbc1c7e18732a1161
SSDEEP: 12288:cMr7y90SkkpBo9K86CBAsOqUg2UDur4M2O:3ycb9K86CBAsOtgVO
Static task: static1
Behavioral task: behavioral1
Sample: e695f4f648e333cc55478ace0255af9557ce485cb7eca74241aff7e8a66443a1.exe
Resource: win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.4/Gol478Ns/index.php
Targets
Target: e695f4f648e333cc55478ace0255af9557ce485cb7eca74241aff7e8a66443a1
Score: 10/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application