General
-
Target
d896db759d42faa76b50b3cfe0ddda60N.exe
-
Size
6.4MB
-
Sample
240803-19c4bsxcrm
-
MD5
d896db759d42faa76b50b3cfe0ddda60
-
SHA1
f7feb5875c086696e7d6918135bda7d6fb3fe5a9
-
SHA256
06c1a6fb3c7d6a93ed81bf46768e1184aed2b859a75e0a13f9cd67d5e48324bb
-
SHA512
66e32d1f2150c71f682a5e51f2995a374f75897d2aa387d400603190d58aa27349391d2db27e82bb7249fea54977094344277f8cb8440ab63c5f156a899b9d20
-
SSDEEP
98304:Roc5swrA2XGxlHKcjTjNk3o659yrnfKtDrKIAyyks+Ctf8mQZVSH:i0LrA2kHKQHNk3og9unipQyOaOH
Static task
static1
Behavioral task
behavioral1
Sample
d896db759d42faa76b50b3cfe0ddda60N.exe
Resource
win7-20240729-en
Malware Config
Extracted
urelas
218.54.31.165
218.54.31.226
Targets
Target
d896db759d42faa76b50b3cfe0ddda60N.exe
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-