General

  • Target

    aa860e857effd19f9f906a11d81c358f6f302f78253a6a8edb09823242d3b91b

  • Size

    417KB

  • Sample

    240317-2mhkzaac5x

  • MD5

    ee3be42773d097faa1d6af9ae11dbb5e

  • SHA1

    0a08232a32e71aecc0b9e052822b4bda3ecb7ec7

  • SHA256

    aa860e857effd19f9f906a11d81c358f6f302f78253a6a8edb09823242d3b91b

  • SHA512

    f6d3b524f9e766d5dfd66c665e58f69b6d4fd99be26eb1f146eef9431a90efdce9c983a63d99af7bdea59ada21f38dcdb7ead2777108f2004b43c4b57265813d

  • SSDEEP

    6144:y5SXvBoDWoyLYyzbpPC4DYM6SB6v+qLnAzYmhwrxcvkzmSBrBw/ia:yIfBoDWoyFboU6hAJQnrMx

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

    Score
    10/10
    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
