General

  • Target

    5b2cba76289e0231299e16502a4c770d5c96e3a9a6fee77f1f659608c5ba80ae

  • Size

    173KB

  • Sample

    240311-1s9e7she79

  • MD5

    c84aa0e4fb4e16197650036640cf84f3

  • SHA1

    176e5aab85863cf33a9a05478ae1446e86e5394a

  • SHA256

    5b2cba76289e0231299e16502a4c770d5c96e3a9a6fee77f1f659608c5ba80ae

  • SHA512

    aac3547614453bf80233b85c19bf8db5b32ac0a8a174f16df0f5dfe1ee119714de798b14148809a1bc4cbac00532651f696605b7e1627c85e5be35b98be2eb4b

  • SSDEEP

    1536:JADA0Wbt1931D2P7BWLQ4zR4LUKMcPHFE3HP/GTW65CGEgvpCfcyn3N:JADA0Wc7UJ6LZMaHLW65DE8pCEQ9

Score
10/10

Malware Config

Extracted

Family

urelas

C2

112.175.88.208

112.175.88.207

Targets

    • Target

      5b2cba76289e0231299e16502a4c770d5c96e3a9a6fee77f1f659608c5ba80ae

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
