General
Target: 007ddb263778b83095083214594abf9e20964ebba9d3f5f7b91644b545018580
Size: 558KB
Sample: 230207-cs4yqacb9y
MD5: a9c99abba6b25d4934195e6ef1dc877a
SHA1: 3681d1af8e0147e3e56b85b170beb1fec607f26a
SHA256: 007ddb263778b83095083214594abf9e20964ebba9d3f5f7b91644b545018580
SHA512: 9f32e65fad72d0bfc4fba345dad29cbe0fd42ba46c7c23f600d9c1e9a6e1aa779e5d14bee453d228df072006f110bb7821a854a60fa9fcd7faf9af55c4e43b09
SSDEEP: 12288:4Mrfy90k28Pi9kbJ0hIk0kzUCYTsOOaq+ru:ny+9kqjbwCYTsO2+C
Static task: static1
Behavioral task: behavioral1
Sample: 007ddb263778b83095083214594abf9e20964ebba9d3f5f7b91644b545018580.exe
Resource: win10v2004-20221111-en
Malware Config
Extracted
amadey
3.66
62.204.41.5/Bu58Ngs/index.php
Targets
Target: 007ddb263778b83095083214594abf9e20964ebba9d3f5f7b91644b545018580
Score 10/10
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application