General
-
Target
34a8e29982a73c9872316fb4be7b6f806cbb7368f8fd0a432298fbd075340d88
-
Size
370KB
-
Sample
241109-zz3ess1pd1
-
MD5
c6048b47b750f7d9dcee2fe3c0953e33
-
SHA1
381146715334cceb48f0f619feeeb0b12c958a49
-
SHA256
34a8e29982a73c9872316fb4be7b6f806cbb7368f8fd0a432298fbd075340d88
-
SHA512
b06f1fc1bd83e6edc728e69459e8b2e287ba0457844f53c5aba9295c781746cb63d93d925511f55bb0c3b00d0320dd9ac258cd9b633147abb44c290f63042cd8
-
SSDEEP
6144:Rl/wSz9XIMjyTze/Wb5I0HtzvvdIKcsuR4ptBmRmcPMGaKHP7:RltR4M8zsiHhtInVR4pJc5P7
Static task
static1
Behavioral task
behavioral1
Sample
34a8e29982a73c9872316fb4be7b6f806cbb7368f8fd0a432298fbd075340d88.exe
Resource
win7-20240903-en
Malware Config
Extracted
amadey
3.80
8c4642
http://193.201.9.240
-
install_dir
cb7ae701b3
-
install_file
oneetx.exe
-
strings_key
c7c0f24aa6d8f611f5533809029a4795
-
url_paths
/live/games/index.php
Targets
-
-
Target
34a8e29982a73c9872316fb4be7b6f806cbb7368f8fd0a432298fbd075340d88
-
Amadey family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-