General
-
Target
da633c7a5e98d37619fb6def516e9aebc06a5f5a21021076d3f94fb441615877.exe
-
Size
537KB
-
Sample
241123-nazrtstmfw
-
MD5
426c78ee2009d2fbb2d82175efc7ba0d
-
SHA1
efc24b7755e13b36d932134e72b69b90c7e474c9
-
SHA256
da633c7a5e98d37619fb6def516e9aebc06a5f5a21021076d3f94fb441615877
-
SHA512
7cb83253a06f495fb061aa20ad47e126924422548ce221b5b723fea612a9e03a3ed5f0d5ee7abad64decf0c5442b4325275ef092f3f4d70047e0ea39693d3c08
-
SSDEEP
12288:q0nPhglq2Uyt4R/b2G/0hznQGoexBU/NP2:q0P/k4lb2wKat2
Behavioral task
behavioral1
Sample
da633c7a5e98d37619fb6def516e9aebc06a5f5a21021076d3f94fb441615877.exe
Resource
win7-20241023-en
Malware Config
Extracted
urelas
218.54.31.226
218.54.31.165
Targets
Target
da633c7a5e98d37619fb6def516e9aebc06a5f5a21021076d3f94fb441615877.exe
-
Urelas family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-