General

  • Target

    6216b85de94cf4efc18d55b471757f97a880f4cde184d9910a5acca1706825ee

  • Size

    339KB

  • Sample

    240305-zx3yjsad33

  • MD5

    aaf6daf57653ece3c9c3f1dae8666d76

  • SHA1

    f5b0053722e36485520d9502411d77f7e8de3059

  • SHA256

    6216b85de94cf4efc18d55b471757f97a880f4cde184d9910a5acca1706825ee

  • SHA512

    30e5c85bf7ca64c21df3db81714d78e56ed100ede255f357abf369863bde2906ed0d932132e1447025221523155b1537f3afdb11e19f4a5539067cae067e2258

  • SSDEEP

    6144:b/qE9d70WIH9wFHf+MQYVA5TDT44zuQOIFlUMazNWHT7+U:uGIWiiHWnesT/483OciyH

Score
10/10

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.31.165

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.
