General
-
Target
64b0194a5207372643d6ce7af0a25da27eeefea8ab93727f82c69a84a7bc799c
-
Size
559KB
-
Sample
230207-c47hzscc4t
-
MD5
15f972ec4846d6be895936b52cb2271b
-
SHA1
12efc6f146e48587d7f7c68a78f85a9f9f600846
-
SHA256
64b0194a5207372643d6ce7af0a25da27eeefea8ab93727f82c69a84a7bc799c
-
SHA512
16042808c6b70bedab70136adb43c9b27a5bde10c3211d1e1c40129200e4d4328786f3013adc70d4da3a1c0a3ca79731fc5a390247624d3307fb0fba83878cd1
-
SSDEEP
12288:uMrhy90m9fLbsCBjRrjzICLdUtb4jDobr22w/lzS9W2lRvXP:HyZ9TgCzjzICLyyjDMDww9/zvXP
Static task
static1
Behavioral task
behavioral1
Sample
64b0194a5207372643d6ce7af0a25da27eeefea8ab93727f82c69a84a7bc799c.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
amadey
3.66
62.204.41.4/Gol478Ns/index.php
Targets
Target
64b0194a5207372643d6ce7af0a25da27eeefea8ab93727f82c69a84a7bc799c
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-