General

  • Target

    ce5405f149e80d6c4a71914dbbeda0c9

  • Size

    400KB

  • Sample

    240316-r71beafb67

  • MD5

    ce5405f149e80d6c4a71914dbbeda0c9

  • SHA1

    6263be965dfc0a9669c267798248aa42d02daa91

  • SHA256

    4b0dca6dea503388ed868c1a1ab38083e32909b780a8e218d062af2923aab5b5

  • SHA512

    9ab1659520f5b87d292e0ab73c8e75a2bedc3be43064701618bf07a7528de4cbf1fc904818059576ea3b82e22453c7e6edf310eab4940f67e9cc8287c09921d9

  • SSDEEP

    6144:85SXvBoDWoyLYyzbkPC4DYM6SB6v+qLnAzYmhwrxcvkzmSBroh8:8IfBoDWoyFblU6hAJQnO6

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
