General

  • Target

    534f27310a73f9b943eef9a36e54d76deafc9c12078a71a33355108946a0f442

  • Size

    481KB

  • Sample

    240311-1hah5ahb93

  • MD5

    c47b47cc9cade980dec9ec8da5fb8301

  • SHA1

    288651c0df931125c34afacd8f174db3010e254a

  • SHA256

    534f27310a73f9b943eef9a36e54d76deafc9c12078a71a33355108946a0f442

  • SHA512

    2518a94234d5cdc82673a98678c6dc8c6d2fd4a6412370c6f4fe212e5456173c08aef7da40ae4a01843b5f213bee7b0800b07724c02a0ced03a3dbf85048cf41

  • SSDEEP

    12288:k2PxDgZo3ijniea8Xih9abyNK95ZA9u3y2XWb+:k2SLi7oih9abvceZ

Score
10/10

Malware Config

Extracted

Family

urelas

C2

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
