General
-
Target
4deb8118ae65bbd72e1a0a30910d985295690b174e65cac6206d3de354e05e0e
-
Size
559KB
-
Sample
230207-c9bcqscc5t
-
MD5
9b8f37a032904c1f75002906b12b14ef
-
SHA1
aeadac24fd748901e302e2db27673b9385c27bd0
-
SHA256
4deb8118ae65bbd72e1a0a30910d985295690b174e65cac6206d3de354e05e0e
-
SHA512
f4e6e79d9e3429b3af3b0d66c6741bf8d7e83206985ddbdff5ec6ad8c72e985b90e232706a475eddcf68f55892122715006968ec50d079e0b6fbfd27520802e2
-
SSDEEP
12288:+Mr2y90PrNKBs7Y2wjDe9r225/lKSLYeHRmWvod:QyI0QY2wjD0D5rLJmW0
Static task
static1
Behavioral task
behavioral1
Sample
4deb8118ae65bbd72e1a0a30910d985295690b174e65cac6206d3de354e05e0e.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
amadey
3.66
62.204.41.4/Gol478Ns/index.php
Targets
-
-
Target
4deb8118ae65bbd72e1a0a30910d985295690b174e65cac6206d3de354e05e0e
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-