General

  • Target

    07b4d9f7bc3661ff0810ee4820940092764afb555fba58e8f2f1e9fd04b0694a

  • Size

    157KB

  • Sample

    240316-vzksjahd86

  • MD5

    c36efcad3904f546a1e80a462615a887

  • SHA1

    bbbf1621d51f234f9b07274f7435be7616c8b0e6

  • SHA256

    07b4d9f7bc3661ff0810ee4820940092764afb555fba58e8f2f1e9fd04b0694a

  • SHA512

    022303128de33e35794ee91ffa1ab65784e5f822808c61dfacd4ffd5c54619749abf84f0a144a72998311b238e611846d2f288c594fbfe7893d137f43b0a0d75

  • SSDEEP

    1536:JJ7RmwVTSktuc6K2JI8ubZBpWO/ljXGjHBX7oVlU2gumBMokip3boMqO5FDHTh:jRmw5SJJ0djXGjd7QzmMokip1qObZ

Score
10/10

Malware Config

Extracted

Family

urelas

C2

112.175.88.208

112.175.88.207

Targets

    Score
    10/10
    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
