General

  • Target

    b0758a43ccd6915caf3c78079b679c42b1bc6cd169735f7773e7b7df7173fe5e

  • Size

    488KB

  • Sample

    240317-2vlmlahf73

  • MD5

    0d8971e484afcf5287d4ba4adc8724f4

  • SHA1

    25526e7ad62964d46a6b142cb793db5edd63522a

  • SHA256

    b0758a43ccd6915caf3c78079b679c42b1bc6cd169735f7773e7b7df7173fe5e

  • SHA512

    15b3c603d91ec64533bf0b30f42f98e50c787cdff62d073f14c148b155f053649623df71ec59b758b9804cee3fce726cbca0dfefe756fcfea87b4ee4ef2851e1

  • SSDEEP

    12288:xpbfVlu0agWfZlnxgmEpZGsrUs99uDEq5EGDFhIH:xpbGRZxSfGCUs99hq5Js

Score
10/10

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.31.165

Targets

    • Target

      b0758a43ccd6915caf3c78079b679c42b1bc6cd169735f7773e7b7df7173fe5e

    Score
    10/10
    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
