General

  • Target

    2735faa988beec957812f2362ce4604c40b74a0048a4927b3f8b37a90de8ba4d

  • Size

    453KB

  • Sample

    240311-yqp8faeh48

  • MD5

    e0bc6bbb19bccf577719290168a5fb74

  • SHA1

    c3cbc742952cc033537fa12d00059a9ed23738ad

  • SHA256

    2735faa988beec957812f2362ce4604c40b74a0048a4927b3f8b37a90de8ba4d

  • SHA512

    a39e3d3891315bf5ca097e9dd7c8f82ea7b4910ee14a24d1d7254113cfc610244ed039ae08a0f2767315b16cc259536ab29b9c0fddecafc0a14adcf5eb404e73

  • SSDEEP

    6144:PEK25f5ySIcWLsxIIW4DYM6SB6v+qLnAzYmhwrxcvkzmSOpoY:PMpASIcWYx2U6hAJQnM

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

    • Target

      2735faa988beec957812f2362ce4604c40b74a0048a4927b3f8b37a90de8ba4d

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
