General
-
Target
dd62a6299a5359622ccf303ec6d06590N.exe
-
Size
324KB
-
Sample
240804-bwfvmawglg
-
MD5
dd62a6299a5359622ccf303ec6d06590
-
SHA1
6adb5b4cc9ad295ae0c6ca1e6c69192eece6c1df
-
SHA256
1e50810a6924c6022468202efa2f9a1b04e5ddc28ee63b162b85d9bdcc662103
-
SHA512
16b9093261750f9fa454e8ff47d652ca01e98ce3bced7486a6be25d2a1a83606fb296d6e4e8b9f22e393bbdedfa45b446e9bfc68314a6a3355e62fff3af257d0
-
SSDEEP
6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XY9:vHW138/iXWlK885rKlGSekcj66cik
Static task
static1
Behavioral task
behavioral1
Sample
dd62a6299a5359622ccf303ec6d06590N.exe
Resource
win7-20240704-en
Malware Config
Extracted
urelas
218.54.31.226
218.54.31.165
218.54.31.166
Targets
-
-
Target
dd62a6299a5359622ccf303ec6d06590N.exe
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-