General
-
Target
5e5d62964856f96d33a59d80c3a67832cc8b255bbfb975c2704a6c1594200675N
-
Size
597KB
-
Sample
241010-ngc7eazfmp
-
MD5
f9c91e2058f13e0e9585a2f79eba4bf0
-
SHA1
913233de058e01f3d5a4240659d593c77d32e28d
-
SHA256
5e5d62964856f96d33a59d80c3a67832cc8b255bbfb975c2704a6c1594200675
-
SHA512
398326b16d86935d970d1cfccf38415dcf0cf2149c3f671fcca3fdd7769fb28dabbf5e0aa74c3ca550f3922423028c7826bc4c5152a678ee0af9f0cbe1bc1f64
-
SSDEEP
6144:KzU7blKaPcbhj+bB7ktZeRnVDJm0oNjOPdInpB2:MU7MLb4BQkntwNjqdR
Behavioral task
behavioral1
Sample
5e5d62964856f96d33a59d80c3a67832cc8b255bbfb975c2704a6c1594200675N.exe
Resource
win7-20240903-en
Malware Config
Extracted
urelas
218.54.31.226
218.54.31.165
Targets
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-