General

  • Target

    bf26196379ccb4db51f8187bf5724769

  • Size

    401KB

  • Sample

    240310-vm73asha6s

  • MD5

    bf26196379ccb4db51f8187bf5724769

  • SHA1

    3cab086a8200d17b5f3f2170cab25c00b697af9f

  • SHA256

    7637a8e8688690ceb440cc9670e9c4ea5daeb70704ed092af47a7d140d57f271

  • SHA512

    3a589526c1ffc2eed709a5c85356e7deb95dc5083103e8f43c325ca5516591d4663f253367b1ff61d361219ce30bfc37205c038f2e637bb939968acc943153d2

  • SSDEEP

    6144:85SXvBoDWoyLYyzbkPC4DYM6SB6v+qLnAzYmhwrxcvkzmSBrohb:8IfBoDWoyFblU6hAJQnO1

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

    • Target

      bf26196379ccb4db51f8187bf5724769

    Score
    10/10
    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
