General
-
Target
2f356ea26b925e52a99008a52266e6f409b66c2271fc91a50faa501a9081ca3f
-
Size
200KB
-
Sample
240310-yz5dqabe5y
-
MD5
d791845fba6c437f98b3473ce3174e61
-
SHA1
db14f5e49882539097acc2537acf8a7d400e09e0
-
SHA256
2f356ea26b925e52a99008a52266e6f409b66c2271fc91a50faa501a9081ca3f
-
SHA512
7d4c99f9ba9f449ee733b216677487f3fd7e11df903d967b063f87e261e70b5602eaf9b82bab1738f513d4dd971982d79fffe2812ba1ecb993ace5b33973f83d
-
SSDEEP
3072:5lFv8dvfdEDRmycmX260p850GAqjuVZ6rNOaVls:5/v8trzl25YqjuCNVls
Behavioral task
behavioral1
Sample
2f356ea26b925e52a99008a52266e6f409b66c2271fc91a50faa501a9081ca3f.exe
Resource
win7-20240221-en
Malware Config
Extracted
urelas
218.54.47.76
218.54.47.77
218.54.47.74
Targets
Target
2f356ea26b925e52a99008a52266e6f409b66c2271fc91a50faa501a9081ca3f
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-