General

  • Target

    4d735d09465081e1a4aa9e0b747215dc

  • Size

    382KB

  • Sample

    240229-v6a7nsgd52

  • MD5

    4d735d09465081e1a4aa9e0b747215dc

  • SHA1

    584795b09022b3939275de63fb42ce6a6104acf5

  • SHA256

    2ff718c1e695f502caf4764f73a9f144850ca6fb6df5e1e3ca5ad3137fc29326

  • SHA512

    743a08f5a61eb97187d3c4a327e439bb8d6c5109879271d71566cfb9fb5149d3606afd9570070e724bb767016c533aa5907686bbbd6bef41a78641b9d8da8c32

  • SSDEEP

    6144:GKMvNQn2DlydH3L9KyGdZIoH5j9u7Q2N0Idgm3wIypgIkI:MV22DlydH3hydZI45P2WUgm37t6

Score
10/10

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.30.235

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
