General
-
Target
0x0007000000013472-92.dat
-
Size
205KB
-
Sample
230610-ympgqsgd9v
-
MD5
57127977e248579604fe26cf6cb9d2a3
-
SHA1
5187a18f1edbf4cf8e5f3e2143c5b2b4546f10cd
-
SHA256
a4410a591163d42c1e3cd2ef599eb7533886cc7c9beb176e4975ac903fb20356
-
SHA512
85bcf9ae0dcab30e905dc7cf71e3fa67a7a92e27e5bd7ebf88c12fa4731a95b482bd97f8f6c47b8123d0f7ddd35a1db5fd903659871ee5b41260d93f65fd0d50
-
SSDEEP
3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij
Behavioral task
behavioral1
Sample
0x0007000000013472-92.exe
Resource
win7-20230220-en
Malware Config
Extracted
amadey
3.83
77.91.68.30/music/rock/index.php
Targets
-
-
Target
0x0007000000013472-92.dat
-
Size
205KB
-
MD5
57127977e248579604fe26cf6cb9d2a3
-
SHA1
5187a18f1edbf4cf8e5f3e2143c5b2b4546f10cd
-
SHA256
a4410a591163d42c1e3cd2ef599eb7533886cc7c9beb176e4975ac903fb20356
-
SHA512
85bcf9ae0dcab30e905dc7cf71e3fa67a7a92e27e5bd7ebf88c12fa4731a95b482bd97f8f6c47b8123d0f7ddd35a1db5fd903659871ee5b41260d93f65fd0d50
-
SSDEEP
3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-