General
Target: 5f4d2c0033d0286215cb3c9b5dca27a0cb08b192e751784bf51da68f29a1b975N
Size: 333KB
Sample: 241011-d34alstarg
MD5: 0d3c1a944f09b9f527da4e75fd3cbdd0
SHA1: 36b55675e542846d29c0cf04d88cb580456ebfbc
SHA256: 5f4d2c0033d0286215cb3c9b5dca27a0cb08b192e751784bf51da68f29a1b975
SHA512: fe3507c69c51c16684baf256667de1862065524b9d5790db09207a507913258fb09bdceccaed6524a3db0e0d007291f3defcbb9c0b3f16e36717b547b4a98637
SSDEEP: 6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYl:vHW138/iXWlK885rKlGSekcj66ciE
Static task: static1
Behavioral task: behavioral1
Sample: 5f4d2c0033d0286215cb3c9b5dca27a0cb08b192e751784bf51da68f29a1b975N.exe
Resource: win7-20240903-en
Malware Config
Extracted
urelas
218.54.31.226
218.54.31.165
218.54.31.166
Targets
Target
5f4d2c0033d0286215cb3c9b5dca27a0cb08b192e751784bf51da68f29a1b975N
Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Deletes itself

Executes dropped EXE

Loads dropped DLL