General

  • Target

    ace5767eb242874f0582532e7af17c0c449427f8855bf11d92e19a7beb474c3f

  • Size

    479KB

  • Sample

    240317-2qtgmshe93

  • MD5

    a6b1c46011d836ef5843b18fc10e0ffe

  • SHA1

    5452f93d20eee2a584a795fd8c67a31935309f9e

  • SHA256

    ace5767eb242874f0582532e7af17c0c449427f8855bf11d92e19a7beb474c3f

  • SHA512

    86643595efd8f5b828bcbd25ab5f3e95ee939e051399550bbd3d7b57cda75a2a5b7533f9a8a23d030e97531f1a8589d1adb3a7ae615d58502a81928f3abcf4ed

  • SSDEEP

    12288:93CtSokfFGUMKwlTIU/b37dJ75WEe+eKTxB6mZH:9x9GzHlTv/b35tecFB6w

Score
10/10

Malware Config

Extracted

Family

urelas

C2

121.88.5.183

121.88.5.184

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
