General

  • Target

    NEAS.e085d4070eb80e14b0af151cd1692330.exe

  • Size

    316KB

  • Sample

    231104-ktn8naec41

  • MD5

    e085d4070eb80e14b0af151cd1692330

  • SHA1

    42b9f24ea8d6fb8bc1cb951fa857ed41035e91c8

  • SHA256

    d9cc830c8e6f146ffcc31c9209545500ebd97515e47d85bb35a26416327ba88c

  • SHA512

    7f28c5ac6262709d1af0870ed39e5aee9026c05922b91353b3764685cc31c7fd696f01502dda84b37a863a766f7be6217cb45c54f7377f9d424d0511a9046849

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+Xx:vHW138/iXWlK885rKlGSekcj66cix

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      NEAS.e085d4070eb80e14b0af151cd1692330.exe

    Score
    10/10
    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
