General

  • Target

    8cc9a4a8b3def7b590eca8cf14c0b5c7d668b6df51759d51d961565471c43981

  • Size

    168KB

  • Sample

    240311-3wsmzaaa2s

  • MD5

    573da74cd5011995db6b2b69f0c15508

  • SHA1

    0bbeb9cc184d0269adae6978cbbc587a76842a3b

  • SHA256

    8cc9a4a8b3def7b590eca8cf14c0b5c7d668b6df51759d51d961565471c43981

  • SHA512

    36d9968831acdeeb22d33fd20402333a7de6390ee77b09ade67d5106e20b916fba7f75518f7b323d3650e00b71f1549b09cf0ecb48331b500e491ceccc137903

  • SSDEEP

    1536:DavuZofG6xd6vsi0exJ1WjDebHXUuZcKRswBIg0fUQwYzbQo0gpd86lMQeGz:DAuZXvwYkYcKNeFVz8o0gpGsMQeM

Score
10/10

Malware Config

Extracted

Family

urelas

C2

121.88.5.183

218.54.28.139

Targets

    • Target

      8cc9a4a8b3def7b590eca8cf14c0b5c7d668b6df51759d51d961565471c43981

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
