General
-
Target
224a974e4195d27016668799ef2e258a8a90b2fa2ffbf90803c04c888757a158
-
Size
616KB
-
Sample
241017-x3htfs1fqg
-
MD5
4188164a4e1bf424a35bcc1b3b47ce88
-
SHA1
66cf3c0502bc0f6059ba91582db3d8adf7ae5202
-
SHA256
224a974e4195d27016668799ef2e258a8a90b2fa2ffbf90803c04c888757a158
-
SHA512
75d94ed8f767cf24ebe9a2ba1c8481b6b433ee7a3c71697040bd45c80ad1d2475bc6e199f3dcef3b7a947b84aeae61602f169aa15ec9623870da2dc981b8859c
-
SSDEEP
6144:MmbmLppYOuakYGWV5Q4XMxvQ4x1OpGcm9VQl0lM/oJ4/gupXNl:Mma6idv8zzkGHVqoq/gKNl
Behavioral task
behavioral1
Sample
224a974e4195d27016668799ef2e258a8a90b2fa2ffbf90803c04c888757a158.exe
Resource
win7-20240903-en
Malware Config
Extracted
urelas
218.54.31.226
218.54.31.165
Targets
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-