General

  • Target

    5fd37e2e6e3334a27efff00cc2d5eba230e8d166c88e71f54fb82ef98e7a798d

  • Size

    459KB

  • Sample

    240311-1zzvcahg63

  • MD5

    4eb0c5ed8aad3c5dfa5f383daa1bbe00

  • SHA1

    96ef3f3a4cd957cd26459e2958320eebf5b89975

  • SHA256

    5fd37e2e6e3334a27efff00cc2d5eba230e8d166c88e71f54fb82ef98e7a798d

  • SHA512

    e6a8e46156c1564d6f646597353887d415025d7bd8cf3832c093232cc12567a10807b842532740d66e6defe54fc348f1de65d785eab8a6c4bba1bb3b4fe6deb9

  • SSDEEP

    6144:LEK25f5ySIcWLsxIIW4DYM6SB6v+qLnAzYmhVOpdFRdm/3lxl:LMpASIcWYx2U6hAJVNZ

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
