General
-
Target
0x00070000000139ea-92.dat
-
Size
210KB
-
Sample
230609-e26vsabf9t
-
MD5
6618942dce4c2f381799cf8fa5a71302
-
SHA1
5ba7abe9e3611f1b0eae4ec2a5193fb8b385e4b7
-
SHA256
f85ac9b305875f0981c04c50a7771c43741ed5a1c43511567f12a94b2c91dd19
-
SHA512
9cbce0718b194ec477778076c2f807b41697cc5dd640e7447b23cae80d749df2ea57732d42d6500eda9bb2cc1d444987b2db3fc5acd57b69cfad1337ee7270fb
-
SSDEEP
3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij
Behavioral task
behavioral1
Sample
0x00070000000139ea-92.exe
Resource
win7-20230220-en
Malware Config
Extracted
amadey
3.83
77.91.68.30/music/rock/index.php
Targets
-
-
Target
0x00070000000139ea-92.dat
-
Size
210KB
-
MD5
6618942dce4c2f381799cf8fa5a71302
-
SHA1
5ba7abe9e3611f1b0eae4ec2a5193fb8b385e4b7
-
SHA256
f85ac9b305875f0981c04c50a7771c43741ed5a1c43511567f12a94b2c91dd19
-
SHA512
9cbce0718b194ec477778076c2f807b41697cc5dd640e7447b23cae80d749df2ea57732d42d6500eda9bb2cc1d444987b2db3fc5acd57b69cfad1337ee7270fb
-
SSDEEP
3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-