Overview

overview

10

Static

static

3

03be794202...b8.exe

windows7-x64

10

03be794202...b8.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    03be7942023f8a6b767b51fe18b018b8

  • Size

    95KB

  • Sample

    231229-zqcg1sghcr

  • MD5

    03be7942023f8a6b767b51fe18b018b8

  • SHA1

    52107bae9da2f1d2de6df8a89e564e2934cedeec

  • SHA256

    d5295dcd878f03515473703afa8d8b6108f0073ef6622d06d1ed962d9c5f0255

  • SHA512

    2fa43273cd0aeade5e0e49faa4a2881ab5693277746bee6182277c2de28cd66e01d4cba7c715cb648b1e93cfd1626bf0ada51b216039203ac32383b27b221870

  • SSDEEP

    1536:nwhq8V9IpPf2lgiIJ4pivJnuNVueC39GdBR3M9co:nqV9MziU4piRun7C3CP3Mb

Score
10/10
urelastrojan

Malware Config

Extracted

Family

urelas

C2

112.175.88.208

112.175.88.209

112.175.88.207

Targets

    • Target

      03be7942023f8a6b767b51fe18b018b8

    • Size

      95KB

    • MD5

      03be7942023f8a6b767b51fe18b018b8

    • SHA1

      52107bae9da2f1d2de6df8a89e564e2934cedeec

    • SHA256

      d5295dcd878f03515473703afa8d8b6108f0073ef6622d06d1ed962d9c5f0255

    • SHA512

      2fa43273cd0aeade5e0e49faa4a2881ab5693277746bee6182277c2de28cd66e01d4cba7c715cb648b1e93cfd1626bf0ada51b216039203ac32383b27b221870

    • SSDEEP

      1536:nwhq8V9IpPf2lgiIJ4pivJnuNVueC39GdBR3M9co:nqV9MziU4piRun7C3CP3Mb

    Score
    10/10
    urelastrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks