General
Target: 387194e737d4bc623dd6827cd58c8d32cf6b2fb34b7e758f595d11dcab6c79e4
Size: 319KB
Sample: 240316-xz868saa6z
MD5: abb69b28aade47f1965fc13df76078e4
SHA1: d839954ad29c2a1101409b1a8c438cbdc7e72b89
SHA256: 387194e737d4bc623dd6827cd58c8d32cf6b2fb34b7e758f595d11dcab6c79e4
SHA512: 36467ed91d8f305d6ebc1fbc2ac054ce799ecd78dd7df1174265adde739ba24ce235a64d9533762e80a49a4793aef15111ec5dff77ecc1497f60af5f39a5dea6
SSDEEP: 6144:TOAztL6W+JJMPkZ5tJb52Wd83erDPKmjxTz7HbYcPCVYhg+KZx:TOMFwMPkDH/QiPLxvzblu2FKP
Static task: static1
Behavioral task: behavioral1
Sample: 387194e737d4bc623dd6827cd58c8d32cf6b2fb34b7e758f595d11dcab6c79e4.exe
Resource: win7-20240221-en
Malware Config
Extracted
urelas
1.234.83.146
133.242.129.155
218.54.31.165
218.54.31.226
Targets
Target
387194e737d4bc623dd6827cd58c8d32cf6b2fb34b7e758f595d11dcab6c79e4
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Executes dropped EXE
Loads dropped DLL