General
-
Target
3614e202ef6c0a6c12b73f48af6ddbd3bc0653257d77640265502e315d4e00a2
-
Size
89KB
-
Sample
240311-y8w4psfe46
-
MD5
cae6c20aaf0e723476ab22ae751e3514
-
SHA1
50c722d498d8d90cb3870c0aedd4bacf786c8d2a
-
SHA256
3614e202ef6c0a6c12b73f48af6ddbd3bc0653257d77640265502e315d4e00a2
-
SHA512
8cec8c263fe037103c234bf070d575480f6ada72595cba266b8ccb81e98549772dcf03391d6289bd5a9c7bc63584d5e63334211239192d307b0485ff55ae4140
-
SSDEEP
1536:AQ38vsm02LMSTz2u/DBP4EXfpoggoKrKDnzL2i:Aha2B2u7dPfVVKr4nzZ
Static task
static1
Behavioral task
behavioral1
Sample
3614e202ef6c0a6c12b73f48af6ddbd3bc0653257d77640265502e315d4e00a2.exe
Resource
win7-20240221-en
Malware Config
Extracted
urelas
218.54.28.139
121.88.5.183
Targets
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-