General
-
Target
35f188cc6093f6cef6cb12884144251231d0fea53f2a1b02800e8be0db59e2bb
-
Size
201KB
-
Sample
240316-xxtnrsbg67
-
MD5
a14c78ca6af8bbda8599a20bbda60cb0
-
SHA1
9c6aefdac7bd67d207c97b0bcc8c4f54355e1769
-
SHA256
35f188cc6093f6cef6cb12884144251231d0fea53f2a1b02800e8be0db59e2bb
-
SHA512
490b2529544be15e313b7b3043bc1d0071fb394a23e2f15916b04f828665750ca6b1c4384aec0f804edd864f0f4f71671831317307593f6acee817b04302cc29
-
SSDEEP
3072:llfTVlvfdEDRmyc+XA60Kj4omjuVZ6rNp0Vq:lpTV9rZllomjuCNp0s
Behavioral task
behavioral1
Sample
35f188cc6093f6cef6cb12884144251231d0fea53f2a1b02800e8be0db59e2bb.exe
Resource
win7-20231129-en
Malware Config
Extracted
urelas
218.54.47.76
218.54.47.77
218.54.47.74
Targets
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-