General
-
Target
3436d89cfb31ee3dcb65a0bf417fa2e0N.exe
-
Size
419KB
-
Sample
240726-vmxlkavdmf
-
MD5
3436d89cfb31ee3dcb65a0bf417fa2e0
-
SHA1
c9c5468f4b0952aecf5d8c79a3e4a6c1fc716f5d
-
SHA256
f01c5b8e7a5fded8de71abeba2baa1759aaab4a743d72beb474c1e409e3af420
-
SHA512
493ff0bf53c90c2bf1ea76416187c6600277a6a254fc32897a07ef5a525bb638ea71b1668866ceadcce929ea0d08a3822c94b94798d1b117c0bc322e8358cc44
-
SSDEEP
6144:y5SXvBoDWoyLYyzbpPC4DYM6SB6v+qLnAzYmhwrxcvkzmSBrBw/iy:yIfBoDWoyFboU6hAJQnrMV
Behavioral task
behavioral1
Sample
3436d89cfb31ee3dcb65a0bf417fa2e0N.exe
Resource
win7-20240705-en
Malware Config
Extracted
urelas
218.54.31.165
218.54.31.226
Targets
-
-
Target
3436d89cfb31ee3dcb65a0bf417fa2e0N.exe
-
Size
419KB
-
MD5
3436d89cfb31ee3dcb65a0bf417fa2e0
-
SHA1
c9c5468f4b0952aecf5d8c79a3e4a6c1fc716f5d
-
SHA256
f01c5b8e7a5fded8de71abeba2baa1759aaab4a743d72beb474c1e409e3af420
-
SHA512
493ff0bf53c90c2bf1ea76416187c6600277a6a254fc32897a07ef5a525bb638ea71b1668866ceadcce929ea0d08a3822c94b94798d1b117c0bc322e8358cc44
-
SSDEEP
6144:y5SXvBoDWoyLYyzbpPC4DYM6SB6v+qLnAzYmhwrxcvkzmSBrBw/iy:yIfBoDWoyFboU6hAJQnrMV
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-