General

  • Target

    09427c0dc99df77c2de41583aec475b1efe7768c22beadf66a2bd74be9c7e232

  • Size

    483KB

  • Sample

    240316-v3m23ahe78

  • MD5

    85b08f898c67e73f735aed325da9ef5a

  • SHA1

    9a4423a797171f5a7be8dbb2edb4903619fbaded

  • SHA256

    09427c0dc99df77c2de41583aec475b1efe7768c22beadf66a2bd74be9c7e232

  • SHA512

    c05374131bd9769a58f148665c2da1cc8999476ef76ac9abe7a4a17b9ca7d9140898f2f0415b8c9757610fdc289dff099d8498052e40e2246f3eaa8b720a1e58

  • SSDEEP

    12288:k2PxDgZo3ijniea8Xih9abyNK95ZA9u3y2XWbe:k2SLi7oih9abvced

Score
10/10

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.30.235

218.54.31.165

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
