General

  • Target

    950a4fec0392b8952c38dc26e4b4547bec9aae9ced499c3fffa2558da116fa52

  • Size

    438KB

  • Sample

    240317-1x7r6shg9v

  • MD5

    4f8b7fb8a0b9fe62a62cf274d0d439d9

  • SHA1

    fa9a0558bdea1cdce5ba1ad483ea899382ec32b7

  • SHA256

    950a4fec0392b8952c38dc26e4b4547bec9aae9ced499c3fffa2558da116fa52

  • SHA512

    0a82608bc4e41f70da15f8b398a165aaf882a6cead3aaf828ff08dff4aebb173d0f2231c4a2d20fbd3f4b74db4f83b9e6690a8263cda9bdfa6294db274ba82dd

  • SSDEEP

    6144:iEK25f5ySIcWLsxIIW4DYM6SB6v+qLnAzYmhwrxcvkzmSOppAY:iMpASIcWYx2U6hAJQnxY

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
