General
-
Target
56ecab77b982822a00d317656d1e88d6aca4a3651968c6d6213507f361dbdb55
-
Size
343KB
-
Sample
240317-yv6e8afd5x
-
MD5
0818ef27bf629db63b238bd5a8fbe4cc
-
SHA1
073f0bacb552a81e16c976b2b7429ccb542a06a9
-
SHA256
56ecab77b982822a00d317656d1e88d6aca4a3651968c6d6213507f361dbdb55
-
SHA512
d82ec285a26d512a8675c16a4cfb7a2286d7b7400fb3b15e9b1daa50d5e233f9471db7d08c47c414805a75e4bc4ecff8ca5a9d4191be1c7b315b5336c7e2d9ce
-
SSDEEP
6144:SF/gEKyOAuuHcqXt96bHa+bZu0k6XCCbd2CKcwA2x9G+84AmGSncc:SF/gVyduuHv946gZ6bCbd2qspnA6v
Static task
static1
Behavioral task
behavioral1
Sample
56ecab77b982822a00d317656d1e88d6aca4a3651968c6d6213507f361dbdb55.exe
Resource
win7-20240221-en
Malware Config
Extracted
urelas
1.234.83.146
133.242.129.155
218.54.31.226
218.54.30.235
218.54.31.165
Targets
-
-
Target
56ecab77b982822a00d317656d1e88d6aca4a3651968c6d6213507f361dbdb55
-
Size
343KB
-
MD5
0818ef27bf629db63b238bd5a8fbe4cc
-
SHA1
073f0bacb552a81e16c976b2b7429ccb542a06a9
-
SHA256
56ecab77b982822a00d317656d1e88d6aca4a3651968c6d6213507f361dbdb55
-
SHA512
d82ec285a26d512a8675c16a4cfb7a2286d7b7400fb3b15e9b1daa50d5e233f9471db7d08c47c414805a75e4bc4ecff8ca5a9d4191be1c7b315b5336c7e2d9ce
-
SSDEEP
6144:SF/gEKyOAuuHcqXt96bHa+bZu0k6XCCbd2CKcwA2x9G+84AmGSncc:SF/gVyduuHv946gZ6bCbd2qspnA6v
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-