General

  • Target

    3c1cad2d318004c7077c23df3f713eb96eec51126220b0b971feeee3a8c4867c

  • Size

    320KB

  • Sample

    240316-x4jr5sab9v

  • MD5

    1912a495e8f5f8d99719fda39238d3e0

  • SHA1

    145962614411a9a112bd851196d3450d9bfa3d17

  • SHA256

    3c1cad2d318004c7077c23df3f713eb96eec51126220b0b971feeee3a8c4867c

  • SHA512

    a9639daa297973f90a73c1e4ce16fdbc43204b282ea269870602a2ad04be43ae1600ccd05b46e3a952ab348d3aea8d97f8c75636e50016144b089b445fa077e7

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYq:vHW138/iXWlK885rKlGSekcj66ciP

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
