General
-
Target
3c1195d085a9ac66a0f1ddaa1e832855c5a45f5db35ea1953d6bd3b48dc46124.exe
-
Size
537KB
-
Sample
241120-11zwqsyphl
-
MD5
b20e55b1dcce2bfa5356a84bcd9da7d9
-
SHA1
79e4dffeb55d8c3818ad3b8ce3c1048f9baf92ee
-
SHA256
3c1195d085a9ac66a0f1ddaa1e832855c5a45f5db35ea1953d6bd3b48dc46124
-
SHA512
dc7ac12b0c4df4d4d0d31875fce8c4e2fec5ede05cf8ffa26a2bae6e8983ccde39550535c8d9f06b0130994de5ebe96fc66a0a5d71075c2318aab92e3eb29480
-
SSDEEP
12288:q0nPhglq2Uyt4R/b2G/0hznQGoexBU/NPg:q0P/k4lb2wKatg
Behavioral task
behavioral1
Sample
3c1195d085a9ac66a0f1ddaa1e832855c5a45f5db35ea1953d6bd3b48dc46124.exe
Resource
win7-20240903-en
Malware Config
Extracted
urelas
218.54.31.226
218.54.31.165
Targets
-
-
Target
3c1195d085a9ac66a0f1ddaa1e832855c5a45f5db35ea1953d6bd3b48dc46124.exe
-
Size
537KB
-
MD5
b20e55b1dcce2bfa5356a84bcd9da7d9
-
SHA1
79e4dffeb55d8c3818ad3b8ce3c1048f9baf92ee
-
SHA256
3c1195d085a9ac66a0f1ddaa1e832855c5a45f5db35ea1953d6bd3b48dc46124
-
SHA512
dc7ac12b0c4df4d4d0d31875fce8c4e2fec5ede05cf8ffa26a2bae6e8983ccde39550535c8d9f06b0130994de5ebe96fc66a0a5d71075c2318aab92e3eb29480
-
SSDEEP
12288:q0nPhglq2Uyt4R/b2G/0hznQGoexBU/NPg:q0P/k4lb2wKatg
-
Urelas family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-