General
Target: 4ea2670fe6ff4161713d598dd8f0c284b9a1c256666e8df1384ecc5631a76ea2
Size: 558KB
Sample: 230207-bz5yxsca8y
MD5: de0950e00603a5b496c0388c667e488c
SHA1: 525101a0d93a3ba608d001ec28e58ec3c8cc5396
SHA256: 4ea2670fe6ff4161713d598dd8f0c284b9a1c256666e8df1384ecc5631a76ea2
SHA512: 0bb91fedc5e474f82efbec458dd33cf2abb0135186345f42a3f00d4327414c878327fc9e68ea8d6f8e37d01743e524cf28b8e2e1f5bf0825c28b5ba3670f559b
SSDEEP: 12288:/MrTy90t7Flk+BgpCxUSHCcdsOYJkMaXtAgHisWwti:oyUZXcCxtCcdsODXtAGisWwti
Static task: static1
Behavioral task: behavioral1
Sample: 4ea2670fe6ff4161713d598dd8f0c284b9a1c256666e8df1384ecc5631a76ea2.exe
Resource: win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.4/Gol478Ns/index.php
Targets
Score: 10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application