General
-
Target
a2d77a210a565481d279db49f7acbf7b897f91fe8e9e58938064444ca91573d8N
-
Size
331KB
-
Sample
241026-jgtf6sshlp
-
MD5
0b13ddcce57bf9df654cb55a64316040
-
SHA1
84e0c65017a393700e2fb8a987b556ea2bcccaaa
-
SHA256
a2d77a210a565481d279db49f7acbf7b897f91fe8e9e58938064444ca91573d8
-
SHA512
7f72e5cf8ec2c0ef3babbf4b666c426843f76196d98efe6b09412e7378c089c8fd5fbaa71573004bad018a255d62918fd38f184ac77f5198a8a3e43a2f8782e9
-
SSDEEP
6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYm:vHW138/iXWlK885rKlGSekcj66ciL
Static task
static1
Behavioral task
behavioral1
Sample
a2d77a210a565481d279db49f7acbf7b897f91fe8e9e58938064444ca91573d8N.exe
Resource
win7-20240903-en
Malware Config
Extracted
urelas
218.54.31.226
218.54.31.165
218.54.31.166
Targets
-
-
Target
a2d77a210a565481d279db49f7acbf7b897f91fe8e9e58938064444ca91573d8N
-
Size
331KB
-
MD5
0b13ddcce57bf9df654cb55a64316040
-
SHA1
84e0c65017a393700e2fb8a987b556ea2bcccaaa
-
SHA256
a2d77a210a565481d279db49f7acbf7b897f91fe8e9e58938064444ca91573d8
-
SHA512
7f72e5cf8ec2c0ef3babbf4b666c426843f76196d98efe6b09412e7378c089c8fd5fbaa71573004bad018a255d62918fd38f184ac77f5198a8a3e43a2f8782e9
-
SSDEEP
6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYm:vHW138/iXWlK885rKlGSekcj66ciL
-
Urelas family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-