General

  • Target

    45367b587417c38611ea0e39ec118c98fe19bafff37c7d7404ddcb54aec801d4

  • Size

    455KB

  • Sample

    240316-ye55hscd34

  • MD5

    fcf4d2ed5851261d0f77aeec088cae15

  • SHA1

    0e71e7e5658028564c554e4f7969a83aa2cdd80b

  • SHA256

    45367b587417c38611ea0e39ec118c98fe19bafff37c7d7404ddcb54aec801d4

  • SHA512

    c283c435d2dae6a7361d0aff0b60ba960b230806ecc4e3fb6a333f1b923a29e580ab6565778cab88aee4132b76feba8bcfaca977f0122028855b3f3b374482b2

  • SSDEEP

    6144:PEK25f5ySIcWLsxIIW4DYM6SB6v+qLnAzYmhwrxcvkzmSOpoo:PMpASIcWYx2U6hAJQns

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
