General

  • Target

    cd3eebdced18181a9cdb759ed96e984f

  • Size

    196KB

  • Sample

    240316-gbdseseh49

  • MD5

    cd3eebdced18181a9cdb759ed96e984f

  • SHA1

    b7fa2d11da9f870cc261735d1fe491fdedcf112a

  • SHA256

    68dc4083b2ec7f6063c5a8f39849938531fd89032c69c83e6f63440944b01d33

  • SHA512

    d785df1651f35b106654d03c54eb4e2c9ba11cda78bda610a537ab5631c432f06c9afb26e1d5c376e717901fe614a779fa5594709fd5fbdf146c74e6e41fc741

  • SSDEEP

    1536:kUqOou3xsUK2ZM+o5RtWVszFiiDsR7ToP/7OYhVWU2gzeNHYoIeC34/PC7Ruz3hK:3yuTOfolTlYHB+HYoIe+t7R8fU6n8/

Score
10/10

Malware Config

Extracted

Family

urelas

C2

112.175.88.207

112.175.88.208

Targets

    • Target

      cd3eebdced18181a9cdb759ed96e984f

    Score
    10/10
    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
