General

  • Target

    3fd05d9c73970740f74fbdf4af015a6807e4073fff9092da80838503ba768d9d

  • Size

    386KB

  • Sample

    240317-x23ggaec5v

  • MD5

    04c31be81f31b473f582c79055e6bc40

  • SHA1

    e339f4d5583ddc17f4fde0f104f5980596e36788

  • SHA256

    3fd05d9c73970740f74fbdf4af015a6807e4073fff9092da80838503ba768d9d

  • SHA512

    50ddcab3942fb2c224aca448e7f954a2be04c00f446d89298b029a3dd2d57394490cf21e8ecd1a0922da3c4a04de164574b99d74126e2f132e976915191a5de5

  • SSDEEP

    6144:1soTOQcDCbE8qLi6mADXdJ2dcoARXDR6YZbus8Z+2vFJhcemcyOpGX:WalcDCbE8qlmx8RkeS+MJueQF

Score
10/10

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.31.165

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
