General

  • Target

    273ba64aa8eebe1d887d9617a493d01d2e0f0688b9751682e302104c1b1417bd

  • Size

    201KB

  • Sample

    240317-w8gb5scf58

  • MD5

    d2aa80199be90b68593a3276426bade3

  • SHA1

    9964f5be681ec6a55ccf23f174dcb8347695aef2

  • SHA256

    273ba64aa8eebe1d887d9617a493d01d2e0f0688b9751682e302104c1b1417bd

  • SHA512

    8e2f82dcd4b49e30e60fe5da80d22ee00026be3826be2ad9d2fa32be990235d64c48e216ca84ac858a191f06bdb9b42f64eb32bb93c462dda982f301b2f6f46e

  • SSDEEP

    1536:kUqOou3xsUK2ZM+o5RtWVszFiiDsR7ToP/7OYhVWU2gzeNHYoIeC34/PC7Ruz3hu:3yuTOfolTlYHB+HYoIe+t7R8fU6n86ID

Score
10/10

Malware Config

Extracted

Family

urelas

C2

112.175.88.207

112.175.88.208

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
