General
-
Target
a50e91bdcc42084065dadf56c3738ba142d537147fdef38db2f05713aad27482N.exe
-
Size
335KB
-
Sample
241117-byx7paxmey
-
MD5
32b6decf1f8f55af9dc2a48997ebf910
-
SHA1
b19a9b5476ec7afa01a63083dea8961119652928
-
SHA256
a50e91bdcc42084065dadf56c3738ba142d537147fdef38db2f05713aad27482
-
SHA512
d2a82fae0b0621190260475b39f2d040cee0c25f302f5a4f60c164accfdad26d07b8df1cf408588f93769a1b56d12aa167200ef9880795794dd6d669ba14dced
-
SSDEEP
6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYB:vHW138/iXWlK885rKlGSekcj66ciA
Static task
static1
Behavioral task
behavioral1
Sample
a50e91bdcc42084065dadf56c3738ba142d537147fdef38db2f05713aad27482N.exe
Resource
win7-20240903-en
Malware Config
Extracted
urelas
218.54.31.226
218.54.31.165
218.54.31.166
Targets
-
Urelas family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-