General
-
Target
21a9f0da1b284e97f6b91646d5cbcdaa8dcaa97789030fd593384a5ce8982719
-
Size
348KB
-
Sample
240317-wz6knscd54
-
MD5
d5b119f281467d558cf4955eee695b01
-
SHA1
f65a058b9c33a483f9dbef5614e5234d8d908405
-
SHA256
21a9f0da1b284e97f6b91646d5cbcdaa8dcaa97789030fd593384a5ce8982719
-
SHA512
26a4398b0ae39cb04358fadfe04e975352292c65317aa921ab17646879583bfe07d2137b3a8c0ff8144c360d8d1b644c93b7d113bb940bf9b8a03ab96d4615f2
-
SSDEEP
6144:SaVKyyzwbnUkoiqwcAR92+TdO5CksxCDy9pPbzBHU2ytluFy:g7yUTihR3ONs46pP3BHUbtD
Static task
static1
Behavioral task
behavioral1
Sample
21a9f0da1b284e97f6b91646d5cbcdaa8dcaa97789030fd593384a5ce8982719.exe
Resource
win7-20240221-en
Malware Config
Extracted
urelas
1.234.83.146
133.242.129.155
218.54.31.226
218.54.30.235
218.54.31.165
Targets
-
-
Target
21a9f0da1b284e97f6b91646d5cbcdaa8dcaa97789030fd593384a5ce8982719
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-