General
-
Target
81147bf9fb4fd2c4e832ba0f08a3b028f5a575f5a0b5e0cc28be9755e43c5fca
-
Size
73KB
-
Sample
241118-camayswbnm
-
MD5
b70300a9a4974be5444645beb9aa8198
-
SHA1
2d779148dc8c1ddab66a8fe33518272c99e8f2ae
-
SHA256
81147bf9fb4fd2c4e832ba0f08a3b028f5a575f5a0b5e0cc28be9755e43c5fca
-
SHA512
d65827958071061d6aa4feb8ca35648d0fb528103b8974a62025999c447d1031a0f0ff592440d33a2f1d9852ba4c03ae9903d918636265798a575c6a4ce1136e
-
SSDEEP
1536:+Uk8RgDXz7Kx8zzgmTlvtKrNCpbXmsz4tHV2:Tk8yn7KdmTINQXzz42
Static task
static1
Behavioral task
behavioral1
Sample
81147bf9fb4fd2c4e832ba0f08a3b028f5a575f5a0b5e0cc28be9755e43c5fca.exe
Resource
win7-20241023-en
Malware Config
Extracted
urelas
112.175.88.207
112.175.88.208
Targets
-
-
Target
81147bf9fb4fd2c4e832ba0f08a3b028f5a575f5a0b5e0cc28be9755e43c5fca
-
Urelas family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-