General

  • Target

    0967e7e79373df5feb3a28c00d2b392543b6fa10641c387d44297d313fb395e2

  • Size

    398KB

  • Sample

    240311-xj9g3adc66

  • MD5

    46215248a8dbf6ca522372e0197047ba

  • SHA1

    9132feaef7295244343ba6e03631cc12e177f7eb

  • SHA256

    0967e7e79373df5feb3a28c00d2b392543b6fa10641c387d44297d313fb395e2

  • SHA512

    d1b00e0b0dfc1abcc52e9c403fbcfcd065cf6ca54485df0bdd64300028213d36daedf283e17a5ff1d07780530417a266e75d9be249b2bd6797cc4320dc29d60c

  • SSDEEP

    6144:1sa1jZVgy03se7k5kBTTg7YMz6j8GuHEqqtKKUrBwj3bT3Rz3v:rtVgyuse2kBXg7Cj81cKK7jfRf

Score
10/10

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.165

218.54.31.226

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
