General
-
Target
11aad9aea23cac05fd8e058cd5392c4ea01eff3f962b3e80cb4be0e380396d76
-
Size
343KB
-
Sample
240317-wg2h1acd8s
-
MD5
f4727636d5f287c81010059a151818dd
-
SHA1
896565b390416b906601743faf8bc0cb3caedbd3
-
SHA256
11aad9aea23cac05fd8e058cd5392c4ea01eff3f962b3e80cb4be0e380396d76
-
SHA512
fe208edc2bcda1406fcea7074cb6e4d92344bdbdc2d1178853e5b1322493daacdc89cd66f3f2d4857e07118c0d3240b984524c8337a1fc684a72f569cd08900c
-
SSDEEP
6144:SF/gEKyOAuuHcqXt96bHa+bZu0k6XCCbd2CKcwA2x9G+84AmGSncj:SF/gVyduuHv946gZ6bCbd2qspnA6k
Static task
static1
Behavioral task
behavioral1
Sample
11aad9aea23cac05fd8e058cd5392c4ea01eff3f962b3e80cb4be0e380396d76.exe
Resource
win7-20240221-en
Malware Config
Extracted
urelas
1.234.83.146
133.242.129.155
218.54.31.226
218.54.30.235
218.54.31.165
Targets
-
-
Target
11aad9aea23cac05fd8e058cd5392c4ea01eff3f962b3e80cb4be0e380396d76
-
Size
343KB
-
MD5
f4727636d5f287c81010059a151818dd
-
SHA1
896565b390416b906601743faf8bc0cb3caedbd3
-
SHA256
11aad9aea23cac05fd8e058cd5392c4ea01eff3f962b3e80cb4be0e380396d76
-
SHA512
fe208edc2bcda1406fcea7074cb6e4d92344bdbdc2d1178853e5b1322493daacdc89cd66f3f2d4857e07118c0d3240b984524c8337a1fc684a72f569cd08900c
-
SSDEEP
6144:SF/gEKyOAuuHcqXt96bHa+bZu0k6XCCbd2CKcwA2x9G+84AmGSncj:SF/gVyduuHv946gZ6bCbd2qspnA6k
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-