General
Target: 0f1f7a9a638bcd2c09dd536c749ffd6e78dcf94e4741ca67d450015bb144e180
Size: 201KB
Sample: 240316-wcavgsfh7s
MD5: cec5f68d58012e7ce29e68cf0135ad7f
SHA1: fe60ba72d3c6c5a33c6c093c47fb37b6cc369e9d
SHA256: 0f1f7a9a638bcd2c09dd536c749ffd6e78dcf94e4741ca67d450015bb144e180
SHA512: bf868f50e0fe1fbf6252ef7ea50c8045ecd94d4f39b8794e3ef9033c4eeb018eca090f6f442b5ce966b65e5e6f1bf229444fe3e6dd2a9d5bc9c1645167abbcd2
SSDEEP: 1536:Ti+N6u0utYGsoK2mEGIBp+WWN7YfEj77iZ76vVGU2AjZ1g9B5McLaRQLd764cGPd:eYYutRQSc/7c6tJZm9B5MuaRQLd76431
Behavioral task
behavioral1
Sample
0f1f7a9a638bcd2c09dd536c749ffd6e78dcf94e4741ca67d450015bb144e180.exe
Resource
win7-20240221-en
Malware Config
Extracted
urelas
218.54.47.77
218.54.47.74
Targets
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-