General

  • Target

    6e5dc946377d9ea0452def09fb5fc7fd055c19d00664033903cea30bb373db13

  • Size

    320KB

  • Sample

    240316-zvy7ksdh84

  • MD5

    c3bdfbdcc1892c296247d62054275176

  • SHA1

    d3d49291a4dee829ed19046b0380741e01475fcf

  • SHA256

    6e5dc946377d9ea0452def09fb5fc7fd055c19d00664033903cea30bb373db13

  • SHA512

    9e17a23de4e10651b65486ad77459798d0e0925b771abb1481d90155dcce9ee3f9b8f3ed9c9ba805d8712b2a0672b7f6c4f863f33c8b1d16c4dc206f66ea7966

  • SSDEEP

    6144:PU0USPuHKKAsgBZg178Z+Snk6Fpwlw8RmuZSz8VdPbMK95BL7jGjFUHpJ+MBq:2SPXSzJSk6FpwlzmupVdjx5B/mFYJ+D

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
