General
-
Target
NEAS.79f32ad8875d9c96a538ab5894973571_JC.exe
-
Size
141KB
-
Sample
231010-w9awrahg68
-
MD5
79f32ad8875d9c96a538ab5894973571
-
SHA1
f83a9084b7ef7e7031a061c69c254aa3156a17e1
-
SHA256
f47dac99ccfaf1d1e12273bfc0ec20db9bfa85a111b9c754ca9e209133f11a6e
-
SHA512
8f9a8dfab3e9274b0fd44ee9303d9b86f467a650366688895437e92eede201f5272347771914ca85f5879e898f17f9235f9df309a435997dc657cc267d57455f
-
SSDEEP
3072:K3kHmMsmRUOMfCECCeZlmgchdvz6xs9PY0X85jx08aAP52jKR2jKqRWX:zHbRUOqwC4mgg44jKojKqRy
Malware Config
Extracted
urelas
121.88.5.183
218.54.28.139
Targets
-
-
Target
NEAS.79f32ad8875d9c96a538ab5894973571_JC.exe
-
Size
141KB
-
MD5
79f32ad8875d9c96a538ab5894973571
-
SHA1
f83a9084b7ef7e7031a061c69c254aa3156a17e1
-
SHA256
f47dac99ccfaf1d1e12273bfc0ec20db9bfa85a111b9c754ca9e209133f11a6e
-
SHA512
8f9a8dfab3e9274b0fd44ee9303d9b86f467a650366688895437e92eede201f5272347771914ca85f5879e898f17f9235f9df309a435997dc657cc267d57455f
-
SSDEEP
3072:K3kHmMsmRUOMfCECCeZlmgchdvz6xs9PY0X85jx08aAP52jKR2jKqRWX:zHbRUOqwC4mgg44jKojKqRy
Score10/10-
Urelas
Urelas is a trojan targeting card games.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-