General
-
Target
70f163c06bfbc5ac01114fcf209a883f1dc0e7a5c4cbb2c134743179f21b0512
-
Size
468KB
-
Sample
240317-zsv25sfg86
-
MD5
7a64b2df3bdb62e7a56754a233b05cb9
-
SHA1
84bf9df184b61b61b9304cc65c028925b48b6f6b
-
SHA256
70f163c06bfbc5ac01114fcf209a883f1dc0e7a5c4cbb2c134743179f21b0512
-
SHA512
7add9b25d4b2492e5367cb0b0c4e5aa8d25763b981b0c521f89c5d8e06667c82bf939cacbb570dbbfb95a225682a91ceef1331427809ba964f3c23d356534489
-
SSDEEP
12288:MrKQUXfDqcDib2vqYzGp53ncgqmy0VFH2:MuQcGbOJKpVncgu
Behavioral task
behavioral1
Sample
70f163c06bfbc5ac01114fcf209a883f1dc0e7a5c4cbb2c134743179f21b0512.exe
Resource
win7-20240221-en
Malware Config
Extracted
urelas
1.234.83.146
133.242.129.155
218.54.31.226
218.54.31.165
Targets
-
-
Target
70f163c06bfbc5ac01114fcf209a883f1dc0e7a5c4cbb2c134743179f21b0512
-
Size
468KB
-
MD5
7a64b2df3bdb62e7a56754a233b05cb9
-
SHA1
84bf9df184b61b61b9304cc65c028925b48b6f6b
-
SHA256
70f163c06bfbc5ac01114fcf209a883f1dc0e7a5c4cbb2c134743179f21b0512
-
SHA512
7add9b25d4b2492e5367cb0b0c4e5aa8d25763b981b0c521f89c5d8e06667c82bf939cacbb570dbbfb95a225682a91ceef1331427809ba964f3c23d356534489
-
SSDEEP
12288:MrKQUXfDqcDib2vqYzGp53ncgqmy0VFH2:MuQcGbOJKpVncgu
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-