General

  • Target

    8b5af3bfd0e7ee1b5755679a196c7a651397e97e26a3eccdce31a74e310e0b21

  • Size

    343KB

  • Sample

    240314-1ay7hshf99

  • MD5

    39d3b86f9e8cf53ae91e37b591271ea2

  • SHA1

    163cfe040644500164b2ef914cef0d00ef1225e9

  • SHA256

    8b5af3bfd0e7ee1b5755679a196c7a651397e97e26a3eccdce31a74e310e0b21

  • SHA512

    cdc41c741fe321571c06bff183db762f5b74ee06b6a00afeb1335d900c4a5fb8f052930a4c77500fe5328b912dfccd0f3a8a1fecdfd2b34862b98e1f90189f2f

  • SSDEEP

    6144:SF/gEKyOAuuHcqXt96bHa+bZu0k6XCCbd2CKcwA2x9G+84AmGSncH:SF/gVyduuHv946gZ6bCbd2qspnA6g

Score
10/10

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.30.235

218.54.31.165

Targets

    • Target

      8b5af3bfd0e7ee1b5755679a196c7a651397e97e26a3eccdce31a74e310e0b21

    Score
    10/10

    • Urelas

      Urelas is a trojan targeting card games.

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks