General

  • Target

    bf2309dbd96eebd9363d084b82ebcc4f

  • Size

    509KB

  • Sample

    240310-vjgqyagf74

  • MD5

    bf2309dbd96eebd9363d084b82ebcc4f

  • SHA1

    25d2152493d79e514d19833c4c550bfd7845c34b

  • SHA256

    361b7f991aeab5bd219359a6e408d50af31817327fe43c75101fbf7fd239c9d9

  • SHA512

    5993bb59cb6beb7fd78313c70c675245ffe77d1158dd3f0855a8a5443d28d16538a3eec7fca5b62d73348bd95c902c3776a16511726b477f7397b113e697285b

  • SSDEEP

    12288:j/fCEOMsm8nc3qWQ8wqKhb43nLl5tDrXlFk:j/D0caF8wvhb43pDbk

Score
10/10

Malware Config

Extracted

Family

urelas

C2

Targets

    Score
    10/10
    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
