General
-
Target
879a3e7f3b471579a2ead263007fdd80948757a759223071e48b95b16b40f73d
-
Size
81KB
-
Sample
240627-3wf9yasapl
-
MD5
c20f54b8d46648ee309f1cbe4aa1d3cf
-
SHA1
95d9433600f98efa9930e161046a0c8f835ddacc
-
SHA256
879a3e7f3b471579a2ead263007fdd80948757a759223071e48b95b16b40f73d
-
SHA512
800bfe7bb6e98a78f38833e79c78c0cf31e603594eb3ed2047fb0129c030ba31b78058b429ecc3eebe15387be4e0cf85a766df5db1ab33f6529867c775f2deae
-
SSDEEP
1536:JmBpNDAoG2kf4F+KfQwHq0NVFXqKseZ656KqBxhKYvonouy8GVUVhzf:8hDAb2VHR5aKsDIbTomAoutGVUVxf
Behavioral task
behavioral1
Sample
879a3e7f3b471579a2ead263007fdd80948757a759223071e48b95b16b40f73d.exe
Resource
win7-20240221-en
Malware Config
Extracted
urelas
121.88.5.183
121.88.5.184
218.54.28.139
Targets
-
-
Target
879a3e7f3b471579a2ead263007fdd80948757a759223071e48b95b16b40f73d
-
Size
81KB
-
MD5
c20f54b8d46648ee309f1cbe4aa1d3cf
-
SHA1
95d9433600f98efa9930e161046a0c8f835ddacc
-
SHA256
879a3e7f3b471579a2ead263007fdd80948757a759223071e48b95b16b40f73d
-
SHA512
800bfe7bb6e98a78f38833e79c78c0cf31e603594eb3ed2047fb0129c030ba31b78058b429ecc3eebe15387be4e0cf85a766df5db1ab33f6529867c775f2deae
-
SSDEEP
1536:JmBpNDAoG2kf4F+KfQwHq0NVFXqKseZ656KqBxhKYvonouy8GVUVhzf:8hDAb2VHR5aKsDIbTomAoutGVUVxf
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-