General
Target: 0x0006000000014720-122.dat
Size: 211KB
Sample: 230611-ajrkxsgh2x
MD5: 9735f362faf2d822fe51741f203b5fa4
SHA1: a5d983a143c4be0b598f94853e5b752f1b0475b3
SHA256: b883cbda86d6f8cf0281b79686e1751e9763b71ff4d2af0cd2f7030feeea2662
SHA512: f46182cdb37af166f1a6eb7ffbbbf5be007eed62ebe8f497471d393cdfffa4306f105925934abec55bc1f962ba1196ea50107252fc5e2e0e8fe3e2f63ae4b2c7
SSDEEP: 3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij

Behavioral task
behavioral1
Sample: 0x0006000000014720-122.exe
Resource: win7-20230220-en
Malware Config
Extracted
amadey
3.83
77.91.68.30/music/rock/index.php
Targets
Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL