General

  • Target

    NEAS.d8c5dcba0144f9557cd411ef70f3b3c0.exe

  • Size

    123KB

  • Sample

    231103-pvfp5aad6z

  • MD5

    d8c5dcba0144f9557cd411ef70f3b3c0

  • SHA1

    51bfb70c286193f604131e83e80031b3a4e22297

  • SHA256

    126ad942766d4aa10279c14c3ebe7b8911edb87542c83ea74f923583b068a112

  • SHA512

    d7717705c0389f6e5371c25f74b81bbffc3ef1df84fa4360bf6a623675de561a58c89fb56c3b52cedde8a22dd8a5267d223d5620c6234bd09daf79ba58077d17

  • SSDEEP

    1536:Ko6JdvxttIBcXISDPV2Mhg3GkFceersWjcd06UsfqW2vxq6Uw:iHC6D92O8n7eU06UsfUpqC

Score
10/10

Malware Config

Extracted

Family

urelas

C2

112.175.88.209

112.175.88.207

112.175.88.208

Targets

    • Target

      NEAS.d8c5dcba0144f9557cd411ef70f3b3c0.exe

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
