General

  • Target

    c10b0cab7ccfb9036652d146044bab89

  • Size

    49KB

  • Sample

    240311-ttxpgabc65

  • MD5

    c10b0cab7ccfb9036652d146044bab89

  • SHA1

    219ed2ee40b3138e0d4eb8b3e7f48fed5960561b

  • SHA256

    b44ad5ee63049b040befd55574f8ff59effae96a72b9ee18f684ab0ad37559ce

  • SHA512

    abe4b15044b983e303f9bc04b63f48ec909dafbeacee6e9a6b0434f8706eb65562a0559779e533a9d238920605e5396fd2a1e76aa1c117dba8b51ba04b32646e

  • SSDEEP

    1536:834/PC7Ruz3hRXRASULZ6JKYdbzcmhCZnV:It7R8fU6n8V

Score
10/10

Malware Config

Extracted

Family

urelas

C2

112.175.88.207

112.175.88.208

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
