General

  • Target

    cd6a3106c742e5d6dd63008256d58f2c

  • Size

    690KB

  • Sample

    240316-htfv6sgb28

  • MD5

    cd6a3106c742e5d6dd63008256d58f2c

  • SHA1

    55281841b9ea87ee96d5d466d07e325d430af5dc

  • SHA256

    16d9b32afccadd1263cd10e7d3206fa8c8ad31001a489b2e2fd2276ee9dee515

  • SHA512

    cdc039de227e3932e1acffd464da1cd278941631d9ebe0f512e80c55fc61b7ac667ef7e79a29d9ed6d01bd367acc01c11a4dcb2784936415cc49ac65220c90a0

  • SSDEEP

    12288:LUyI6hJQglQA0IWb8DmPySxEuBZDxywHBlP94jpguwDxXlZ1nre:dVh6gl6Iy8R9+ZdnnP94jpgl9Bnre

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

Targets

    • Target

      cd6a3106c742e5d6dd63008256d58f2c

    Score
    10/10
    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
