General
-
Target
f87e5eddb3eda809b99172e27a87d780N.exe
-
Size
70KB
-
Sample
240804-xzwwxaxgke
-
MD5
f87e5eddb3eda809b99172e27a87d780
-
SHA1
bc8c48cfbd90fc0f45e9d9ae12a015b832de5d33
-
SHA256
4beed96c08ad1d96cc0ff51824516df57f4c89bbbfb9871d927a212ce4e515f6
-
SHA512
21068f7dc192970f9e36c056d06b719c1de35f9b2bdfca4a14e107816b3271719162ca969ba8e122691b16a3c0c0cb1ca0efa83b1cb33ff636f5f6010e563a63
-
SSDEEP
1536:v6fqsAPQYGmPzmZDDZrV8sMQXGkfn33n7z5WeIuhCarawxU:yLAYUzmdD0sMQl7d7IuhCae9
Static task
static1
Behavioral task
behavioral1
Sample
f87e5eddb3eda809b99172e27a87d780N.exe
Resource
win7-20240708-en
Malware Config
Extracted
urelas
218.54.47.76
218.54.47.77
218.54.47.74
Targets
-
-
Target
f87e5eddb3eda809b99172e27a87d780N.exe
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-