General
-
Target
6b91002ce193f41599c63ca1be11bafb59d5abb333bad58b8bd2460ae7c106f3
-
Size
399KB
-
Sample
240316-zrenrsca51
-
MD5
7e31f70d7a2e23dda5bd1376d549c65b
-
SHA1
ff2dbd6c2fd3be48e5b34bb01bc63f17c0b46f14
-
SHA256
6b91002ce193f41599c63ca1be11bafb59d5abb333bad58b8bd2460ae7c106f3
-
SHA512
5b179d44cdc6aa8f7f8af3a2a2cca98ec380eb231b869fac8d661f78a095e36f834fb3d553ffd8c1f00382457fdc4e65b5816e03c21b01863613d8193f3ffbe0
-
SSDEEP
6144:Osa1jZVgy03se7k5kBTTg7YMz6j8GuHEqqtKKUrBwj3bdRZ00:qtVgyuse2kBXg7Cj81cKK7jBb
Behavioral task
behavioral1
Sample
6b91002ce193f41599c63ca1be11bafb59d5abb333bad58b8bd2460ae7c106f3.exe
Resource
win7-20240221-en
Malware Config
Extracted
urelas
1.234.83.146
133.242.129.155
218.54.31.165
218.54.31.226
Targets
-
-
Target
6b91002ce193f41599c63ca1be11bafb59d5abb333bad58b8bd2460ae7c106f3
-
Size
399KB
-
MD5
7e31f70d7a2e23dda5bd1376d549c65b
-
SHA1
ff2dbd6c2fd3be48e5b34bb01bc63f17c0b46f14
-
SHA256
6b91002ce193f41599c63ca1be11bafb59d5abb333bad58b8bd2460ae7c106f3
-
SHA512
5b179d44cdc6aa8f7f8af3a2a2cca98ec380eb231b869fac8d661f78a095e36f834fb3d553ffd8c1f00382457fdc4e65b5816e03c21b01863613d8193f3ffbe0
-
SSDEEP
6144:Osa1jZVgy03se7k5kBTTg7YMz6j8GuHEqqtKKUrBwj3bdRZ00:qtVgyuse2kBXg7Cj81cKK7jBb
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-