General
Target: 53534d4ff235ed998ec63aeb9c505403b98e8b85be38bc007602f1ded3bca387
Size: 558KB
Sample: 230207-dbczcahb44
MD5: 402995e98a997636b716f63b1eb0ac21
SHA1: 42f3dba86c6c294501c0349050105897507226d4
SHA256: 53534d4ff235ed998ec63aeb9c505403b98e8b85be38bc007602f1ded3bca387
SHA512: 524f73ebb592b733af537b2a974e0da7d8fb312c2c6ac68266a66b55d8e9defd4c0f0aff7cfb1450c368d001a712a8cc3e063ca66edbc290a85e65158e366784
SSDEEP: 12288:uMrvy90SXTukmeT5+6EjDLYr223/lISLGzvu4GHpVD4:5y0egjD8D31LGbyJG
Static task: static1
Behavioral task: behavioral1
Sample: 53534d4ff235ed998ec63aeb9c505403b98e8b85be38bc007602f1ded3bca387.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
amadey
3.66
62.204.41.5/Bu58Ngs/index.php
Targets
Target: 53534d4ff235ed998ec63aeb9c505403b98e8b85be38bc007602f1ded3bca387
Score: 10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application