General

  • Target

    ce60aea493418be8c5c9cea6c309abc1

  • Size

    555KB

  • Sample

    240316-sn7f2sdf3y

  • MD5

    ce60aea493418be8c5c9cea6c309abc1

  • SHA1

    edca862f572d5b8dc793861c685eadbf7e22ec80

  • SHA256

    7d2fa6d12eef3a00a709d03ca80fcc726f3a62d616f8fb63911a0de365ff1cf0

  • SHA512

    1bec20ff5e74c2f70d051a9af080234fa4e164ab45f859882f78670d5a2e04a2a3e925dfecbc02e5041cd1d55ac8087e26311b5f7b2db234020494bef9054639

  • SSDEEP

    12288:zccNvdRExZGe+Q1nSoS++43x+l7QLiaEyk:znPfQp9L3olqFk

Score
10/10

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.31.165

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
