General
-
Target
0x00080000000122ec-137.dat
-
Size
210KB
-
Sample
230609-kdaqbsbf53
-
MD5
28e39d940e186e111f8b7e5139e1227e
-
SHA1
7f8efbd96c63dc176fe1d0dc3e379a3aa911b4d9
-
SHA256
6430fc1c0ee7a3f739ce36caf0a20bef80a8dc67d9fa2fc06a8c24b00d6d2492
-
SHA512
651f0046a56cde9f47510135d2d8340cc315029e2012eba872b7eab67d8b67b12b94351595f85bcd39e3f5eb3bf186909f3a83942b04b734e456ae9e2ededd33
-
SSDEEP
3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij
Behavioral task
behavioral1
Sample
0x00080000000122ec-137.exe
Resource
win7-20230220-en
Malware Config
Extracted
amadey
3.83
77.91.68.30/music/rock/index.php
Targets
Target
0x00080000000122ec-137.dat
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-