General
-
Target
f2cba2e05d3d937fa7ee44a0da60ac8b32a21ca073b3b39c6b184bd883eace42
-
Size
295KB
-
Sample
240310-cd5xgahb45
-
MD5
2326b29e965a889666103f22a1d12cf0
-
SHA1
2db43cf854d21e14f51f8865c46f0e4a78834653
-
SHA256
f2cba2e05d3d937fa7ee44a0da60ac8b32a21ca073b3b39c6b184bd883eace42
-
SHA512
f017c64651fc4130dc98f68d7dd9948cfe0b1637129ad22240d7b09a29567401b12a36ffa278e66adbf78bc5b43acedc146f618c32c0a41e12ec68e34fd8531d
-
SSDEEP
6144:NxZtkaDv51Tn2qM6De4W40f4oAYrMfZ2kKE9V:JDvTnx7DeN40fnnu/V
Static task
static1
Behavioral task
behavioral1
Sample
f2cba2e05d3d937fa7ee44a0da60ac8b32a21ca073b3b39c6b184bd883eace42.exe
Resource
win7-20240221-en
Malware Config
Extracted
urelas
1.234.83.146
133.242.129.155
218.54.31.226
218.54.30.235
218.54.31.165
Targets
-
-
Target
f2cba2e05d3d937fa7ee44a0da60ac8b32a21ca073b3b39c6b184bd883eace42
-
Size
295KB
-
MD5
2326b29e965a889666103f22a1d12cf0
-
SHA1
2db43cf854d21e14f51f8865c46f0e4a78834653
-
SHA256
f2cba2e05d3d937fa7ee44a0da60ac8b32a21ca073b3b39c6b184bd883eace42
-
SHA512
f017c64651fc4130dc98f68d7dd9948cfe0b1637129ad22240d7b09a29567401b12a36ffa278e66adbf78bc5b43acedc146f618c32c0a41e12ec68e34fd8531d
-
SSDEEP
6144:NxZtkaDv51Tn2qM6De4W40f4oAYrMfZ2kKE9V:JDvTnx7DeN40fnnu/V
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-