General
-
Target
a9d35b3546a908c804d177020daefcb0
-
Size
7.0MB
-
Sample
240227-wvvydagc3t
-
MD5
a9d35b3546a908c804d177020daefcb0
-
SHA1
1ba9d78409d3188653fcb003d618b97a276577fa
-
SHA256
45193fa14de60908b958e3f268ef46457acbbe4d7b63784a8dc177a510528827
-
SHA512
fb03bd4f20493bfd41e013102162e3ca4b3e084f2be6caf8311c0e772d55ebb8b753f5bcc2397cc0f0b9298ac51da27b96232c858c9bbfcedf00b23db04cd337
-
SSDEEP
196608:XPGZKb8EmARpfMWw93Axfy46VqPFUXd8hSXJTkWOg0rmt+kK1:+o7pa9wVaqcd8hSZkWOgOmHq
Malware Config
Targets
-
-
Target
a9d35b3546a908c804d177020daefcb0
-
Size
7.0MB
-
MD5
a9d35b3546a908c804d177020daefcb0
-
SHA1
1ba9d78409d3188653fcb003d618b97a276577fa
-
SHA256
45193fa14de60908b958e3f268ef46457acbbe4d7b63784a8dc177a510528827
-
SHA512
fb03bd4f20493bfd41e013102162e3ca4b3e084f2be6caf8311c0e772d55ebb8b753f5bcc2397cc0f0b9298ac51da27b96232c858c9bbfcedf00b23db04cd337
-
SSDEEP
196608:XPGZKb8EmARpfMWw93Axfy46VqPFUXd8hSXJTkWOg0rmt+kK1:+o7pa9wVaqcd8hSZkWOgOmHq
Score10/10-
Amadey
Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
-
Babadeda
Babadeda is a crypter delivered as a legitimate installer and used to drop other malware families.
-
Babadeda Crypter
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-