General

  • Target

    d1edfaa2b5d559d0fda19a075030f3e5

  • Size

    402KB

  • Sample

    240317-1g7ggahd7t

  • MD5

    d1edfaa2b5d559d0fda19a075030f3e5

  • SHA1

    ce1863072a497c76d201fe80980570ad9bf474b0

  • SHA256

    275dd3a644010079c6559a0886902abe54cfe38de3e97c392b1a95566b837a58

  • SHA512

    697cea244789fb4f80411993a71f713c754813acfe74c97b4301d7aa6d61280186db74b67d974432c4be21953bf4b38363de1b4066461e58e24fca2208dfd8a5

  • SSDEEP

    6144:85SXvBoDWoyLYyzbkPC4DYM6SB6v+qLnAzYmhwrxcvkzmSBrohJ:8IfBoDWoyFblU6hAJQnOb

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
