General
Target: 11d9612a66d3b41cbfc4e95831f77f5d3008c390a5d0bb7a7847ff855e5e9945
Size: 2.6MB
Sample: 231205-kmklwsad93
MD5: 5f2476a80b7ad8a8083b0ec5d5f904ed
SHA1: 198005ee8ff0cacc32aa0613f4f6c7e12ca47d44
SHA256: 11d9612a66d3b41cbfc4e95831f77f5d3008c390a5d0bb7a7847ff855e5e9945
SHA512: ec0963116b4e1b3222834253af4c21b61465887baeba4830fd96006943a452b3c6671bad338b6663ebf3bc184caf0ca50dd0402e8faa1ec5617c9f6c707935c3
SSDEEP: 49152:yHYMlMk7lxGhm1nUfEWW+WKBry81Gk4yvyD0mfCFIYQR:y4MlMCG4FUcWW+dy8UKCdR
Static task
static1
Malware Config
Extracted
amadey
4.13
http://185.172.128.125
install_dir: 4fdb51ccdc
install_file: Utsysc.exe
strings_key: a70b05054314f381be1ab9a5cdc8b250
url_paths: /u6vhSc3PPq/index.php
Targets
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE