General

  • Target

    NEAS.NEASe0afc8c68348bb4437f76fd65224a9ffexe_JC.exe

  • Size

    197KB

  • Sample

    231016-rgdpqaac33

  • MD5

    e0afc8c68348bb4437f76fd65224a9ff

  • SHA1

    b532486f6e6044ebce46a67769c0cba5d767f1bc

  • SHA256

    9fdd8257e221b382c325d1458cd560eb8cdbdce8f8b99ab83223b0a3bc850dbf

  • SHA512

    8d25cf60c9ead5fddcf05f88c1162ea379225a0782ccb361fcba38eff0eb47382c94f21bd8effe1b3ea5ff7ab805abff0176da5a1a2265da2e3aac4a9e9f0787

  • SSDEEP

    3072:gAwixCZ6Sh77R2Gpf606U8v0e7OIgPDFIbbzhPM67fIhgL4SY:gExhk7rh7NEOIYWlPM6r6WY

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

    • Target

      NEAS.NEASe0afc8c68348bb4437f76fd65224a9ffexe_JC.exe

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
