General
-
Target
14f6776bea03fd377ad871325d3b41ee0b4b44864f04f00f19c3a55a0f5c8ea0
-
Size
417KB
-
Sample
240316-wlymxaab36
-
MD5
3e0db2d4af42985e093d40abbdb7ab01
-
SHA1
cdf47c7600c8a3b02b699c44513fc216b08248f7
-
SHA256
14f6776bea03fd377ad871325d3b41ee0b4b44864f04f00f19c3a55a0f5c8ea0
-
SHA512
2d27b558cef68c35b815d0a8e06a615510b6c85805b2957b624a911827ae4772e1f6305033cca548c4c652c30833460e05dd238a37442a78b079c3cca44b45b3
-
SSDEEP
6144:y5SXvBoDWoyLYyzbpPC4DYM6SB6v+qLnAzYmhwrxcvkzmSBrBw/ioj:yIfBoDWoyFboU6hAJQnrMt
Behavioral task
behavioral1
Sample
14f6776bea03fd377ad871325d3b41ee0b4b44864f04f00f19c3a55a0f5c8ea0.exe
Resource
win7-20240221-en
Malware Config
Extracted
urelas
218.54.31.165
218.54.31.226
Targets
-
-
Target
14f6776bea03fd377ad871325d3b41ee0b4b44864f04f00f19c3a55a0f5c8ea0
-
Size
417KB
-
MD5
3e0db2d4af42985e093d40abbdb7ab01
-
SHA1
cdf47c7600c8a3b02b699c44513fc216b08248f7
-
SHA256
14f6776bea03fd377ad871325d3b41ee0b4b44864f04f00f19c3a55a0f5c8ea0
-
SHA512
2d27b558cef68c35b815d0a8e06a615510b6c85805b2957b624a911827ae4772e1f6305033cca548c4c652c30833460e05dd238a37442a78b079c3cca44b45b3
-
SSDEEP
6144:y5SXvBoDWoyLYyzbpPC4DYM6SB6v+qLnAzYmhwrxcvkzmSBrBw/ioj:yIfBoDWoyFboU6hAJQnrMt
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-