General
-
Target
292999eb56a511dabf5d9ca489c77ea88aad41274d6576d868090be226948f9e
-
Size
467KB
-
Sample
240316-xfhj6sbb79
-
MD5
41660c562239e85d8d35c7db3d5d65c1
-
SHA1
cbe6766ea9521de773494ab199da7d452b8e6473
-
SHA256
292999eb56a511dabf5d9ca489c77ea88aad41274d6576d868090be226948f9e
-
SHA512
9a0f46452304f3df5fff351fb444666989295aeec275ef20cd8285ec61b6cbbad4957072e5b717318bd7887dcffa0af559185ad202d6886b77ab8939efab5a0b
-
SSDEEP
12288:Y6twjLHj/8/GcHUIdPPzEmvTnabAh0ZnAr1U6:Y6tQCG0UUPzEkTn4AC1+t
Behavioral task
behavioral1
Sample
292999eb56a511dabf5d9ca489c77ea88aad41274d6576d868090be226948f9e.exe
Resource
win7-20240221-en
Malware Config
Extracted
urelas
1.234.83.146
133.242.129.155
218.54.31.226
218.54.30.235
Targets
-
-
Target
292999eb56a511dabf5d9ca489c77ea88aad41274d6576d868090be226948f9e
-
Size
467KB
-
MD5
41660c562239e85d8d35c7db3d5d65c1
-
SHA1
cbe6766ea9521de773494ab199da7d452b8e6473
-
SHA256
292999eb56a511dabf5d9ca489c77ea88aad41274d6576d868090be226948f9e
-
SHA512
9a0f46452304f3df5fff351fb444666989295aeec275ef20cd8285ec61b6cbbad4957072e5b717318bd7887dcffa0af559185ad202d6886b77ab8939efab5a0b
-
SSDEEP
12288:Y6twjLHj/8/GcHUIdPPzEmvTnabAh0ZnAr1U6:Y6tQCG0UUPzEkTn4AC1+t
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-