General

  • Target

    ff827a5b7c14cd3dc6f2298b53d0b387bda18d5be9c0756a818f9e2dbf117711

  • Size

    320KB

  • Sample

    240310-cm98jshe84

  • MD5

    0c47e76b18487680212faef76232d02f

  • SHA1

    286cc80ceaa22a08347182b9592b7690132fd9e0

  • SHA256

    ff827a5b7c14cd3dc6f2298b53d0b387bda18d5be9c0756a818f9e2dbf117711

  • SHA512

    16056a7b1748ebe0901ffa3d5d9b642d096a64b466283ebf0fc8d67b87230967e3d29a2899ff8a683f963d439feab47e66b2d3fe992e7fab47866d359ac05a45

  • SSDEEP

    6144:PU0USPuHKKAsgBZg178Z+Snk6Fpwlw8RmuZSz8VdPbMK95BL7jGjFUHpJ+MBV:2SPXSzJSk6FpwlzmupVdjx5B/mFYJ+w

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
