General
-
Target
1526d5952d7956238a435ebb8737abdd40736309ffd533cdd21105ae9fd1ceef
-
Size
415KB
-
Sample
241206-1rpz6swjcm
-
MD5
b54b8cd2e321a3f31a07921940c351fa
-
SHA1
926253e894b9afb824726e7312ac65220509acf9
-
SHA256
1526d5952d7956238a435ebb8737abdd40736309ffd533cdd21105ae9fd1ceef
-
SHA512
623c20242072f4ef03aed0eaacf90e9a35fabf04562d9fc6f86e653fb42e2f09df089c839402b652279fdb17dc097299d84dea6658165d54dc4cdf7deda7aa31
-
SSDEEP
12288:CPXaOtGpmLb84Jjzo6yDBuKuJ+ITOCV0d:C7tGpmf8edychVV0d
Behavioral task
behavioral1
Sample
1526d5952d7956238a435ebb8737abdd40736309ffd533cdd21105ae9fd1ceef.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
1526d5952d7956238a435ebb8737abdd40736309ffd533cdd21105ae9fd1ceef.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
amadey
8254624243
e76b71
http://77.91.77.81
-
install_dir
8254624243
-
install_file
axplong.exe
-
strings_key
90049e51fabf09df0d6748e0b271922e
-
url_paths
/Kiru9gu/index.php
Targets
-
-
Target
1526d5952d7956238a435ebb8737abdd40736309ffd533cdd21105ae9fd1ceef
-
Amadey family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-