General

  • Target

    2f356ea26b925e52a99008a52266e6f409b66c2271fc91a50faa501a9081ca3f

  • Size

    200KB

  • Sample

    240310-yz5dqabe5y

  • MD5

    d791845fba6c437f98b3473ce3174e61

  • SHA1

    db14f5e49882539097acc2537acf8a7d400e09e0

  • SHA256

    2f356ea26b925e52a99008a52266e6f409b66c2271fc91a50faa501a9081ca3f

  • SHA512

    7d4c99f9ba9f449ee733b216677487f3fd7e11df903d967b063f87e261e70b5602eaf9b82bab1738f513d4dd971982d79fffe2812ba1ecb993ace5b33973f83d

  • SSDEEP

    3072:5lFv8dvfdEDRmycmX260p850GAqjuVZ6rNOaVls:5/v8trzl25YqjuCNVls

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
