General
-
Target
3ded775207f661b28b3a805be4d2967a587983e41844f6cdbca0c40b196d0957
-
Size
343KB
-
Sample
240316-x6g2bsac6w
-
MD5
f44a2c0ada7496d936d7954628b7e791
-
SHA1
6ce4ba65ff7dbca4df7d0aa1d2a86651ac9276a3
-
SHA256
3ded775207f661b28b3a805be4d2967a587983e41844f6cdbca0c40b196d0957
-
SHA512
e96cc30c04a16860b8deb7d7265fb9906b4d3ea2656b01f85684bf9400bbb8db5c5675787e954fe9906aaac86ce25ecf129d2c4948e1ce7a00a95717a8df2d9e
-
SSDEEP
6144:SF/gEKyOAuuHcqXt96bHa+bZu0k6XCCbd2CKcwA2x9G+84AmGSncZ:SF/gVyduuHv946gZ6bCbd2qspnA6e
Static task
static1
Behavioral task
behavioral1
Sample
3ded775207f661b28b3a805be4d2967a587983e41844f6cdbca0c40b196d0957.exe
Resource
win7-20231129-en
Malware Config
Extracted
urelas
Targets
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-