General
-
Target
e106e4e096b7cfacc9ae9f2153a12d944db57f359c0df87962586d83573cb1e5
-
Size
400KB
-
Sample
240318-aytzlacf6x
-
MD5
32021e338fd32df240a0c8c2ae0d78a2
-
SHA1
aa2590911096eef141dc7a388105795a314703a2
-
SHA256
e106e4e096b7cfacc9ae9f2153a12d944db57f359c0df87962586d83573cb1e5
-
SHA512
5ddb5672b77e7053f0ba4b0df22891539db58b750ccd03da14846b3bd20be69fb96c2420304e29723b37f819941bee3b46075daf3441fdde86403881ed38280a
-
SSDEEP
6144:WmQK4uSrzMUCL11g7A9lQQQlVy4J6nRe4Lfg/D2Hfd00F3bMTWwpcVpq8p:WYdSrzMZbyplVbwRe+W2HPwWwpc/
Behavioral task
behavioral1
Sample
e106e4e096b7cfacc9ae9f2153a12d944db57f359c0df87962586d83573cb1e5.exe
Resource
win7-20240221-en
Malware Config
Extracted
urelas
121.88.5.183
218.54.30.235
Targets
-
-
Target
e106e4e096b7cfacc9ae9f2153a12d944db57f359c0df87962586d83573cb1e5
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-