General

  • Target

    6b91002ce193f41599c63ca1be11bafb59d5abb333bad58b8bd2460ae7c106f3

  • Size

    399KB

  • Sample

    240316-zrenrsca51

  • MD5

    7e31f70d7a2e23dda5bd1376d549c65b

  • SHA1

    ff2dbd6c2fd3be48e5b34bb01bc63f17c0b46f14

  • SHA256

    6b91002ce193f41599c63ca1be11bafb59d5abb333bad58b8bd2460ae7c106f3

  • SHA512

    5b179d44cdc6aa8f7f8af3a2a2cca98ec380eb231b869fac8d661f78a095e36f834fb3d553ffd8c1f00382457fdc4e65b5816e03c21b01863613d8193f3ffbe0

  • SSDEEP

    6144:Osa1jZVgy03se7k5kBTTg7YMz6j8GuHEqqtKKUrBwj3bdRZ00:qtVgyuse2kBXg7Cj81cKK7jBb

Score
10/10

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.165

218.54.31.226

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
