General
-
Target
0x0007000000013397-120.dat
-
Size
210KB
-
Sample
230610-atdrtadg94
-
MD5
00d3199bc94f3145bdfb1723fc97ee7e
-
SHA1
f2959ef726db22a9cbc0d974ef723ba25e254e15
-
SHA256
3d4c7a39d68ae568ba25cf285e300a60f988c43bd2567da2500ea8514db26c5f
-
SHA512
31ba31b9c1746c118bafa4c2556c1962ba9524d1f42ddf6c66ee8e5e56ff7bd0e0c7eed3cebbdd4ad81884d3c0ecdba40f5b598d3718fae69f370edcdef13c56
-
SSDEEP
3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij
Behavioral task
behavioral1
Sample
0x0007000000013397-120.exe
Resource
win7-20230220-en
Malware Config
Extracted
amadey
3.83
77.91.68.30/music/rock/index.php
Targets
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-