General

  • Target

    21a9f0da1b284e97f6b91646d5cbcdaa8dcaa97789030fd593384a5ce8982719

  • Size

    348KB

  • Sample

    240317-wz6knscd54

  • MD5

    d5b119f281467d558cf4955eee695b01

  • SHA1

    f65a058b9c33a483f9dbef5614e5234d8d908405

  • SHA256

    21a9f0da1b284e97f6b91646d5cbcdaa8dcaa97789030fd593384a5ce8982719

  • SHA512

    26a4398b0ae39cb04358fadfe04e975352292c65317aa921ab17646879583bfe07d2137b3a8c0ff8144c360d8d1b644c93b7d113bb940bf9b8a03ab96d4615f2

  • SSDEEP

    6144:SaVKyyzwbnUkoiqwcAR92+TdO5CksxCDy9pPbzBHU2ytluFy:g7yUTihR3ONs46pP3BHUbtD

Score
10/10

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.30.235

218.54.31.165

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
