General

  • Target

    387194e737d4bc623dd6827cd58c8d32cf6b2fb34b7e758f595d11dcab6c79e4

  • Size

    319KB

  • Sample

    240316-xz868saa6z

  • MD5

    abb69b28aade47f1965fc13df76078e4

  • SHA1

    d839954ad29c2a1101409b1a8c438cbdc7e72b89

  • SHA256

    387194e737d4bc623dd6827cd58c8d32cf6b2fb34b7e758f595d11dcab6c79e4

  • SHA512

    36467ed91d8f305d6ebc1fbc2ac054ce799ecd78dd7df1174265adde739ba24ce235a64d9533762e80a49a4793aef15111ec5dff77ecc1497f60af5f39a5dea6

  • SSDEEP

    6144:TOAztL6W+JJMPkZ5tJb52Wd83erDPKmjxTz7HbYcPCVYhg+KZx:TOMFwMPkDH/QiPLxvzblu2FKP

Score
10/10

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.165

218.54.31.226

Targets

    • Target

      387194e737d4bc623dd6827cd58c8d32cf6b2fb34b7e758f595d11dcab6c79e4

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
