General

  • Target

    6bf498cd0ea7b1cef0619ee0f95081af01fffb4a613cf3cc8c7515623d5ad978

  • Size

    328KB

  • Sample

    240311-2jdslsae42

  • MD5

    29172c338d7bebcd8090d63d893ca7c5

  • SHA1

    91106422906d39dbc6923502ba3f4339d7a95c09

  • SHA256

    6bf498cd0ea7b1cef0619ee0f95081af01fffb4a613cf3cc8c7515623d5ad978

  • SHA512

    64e87cc8cfbfcbc5e79911a1df56599b716953670e8e6856c83ab6031ad535d24a5533892db7c0450fc6a0e936d2bc420329d24e6ffe8238878ed1191dd0fae9

  • SSDEEP

    6144:sY4zSop9m06QbGTCnTRoOIH3FPA7AthtLpH:PkXpd6jqiOIHZAK

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
