General

  • Target

    31bd76be84cf25cd1119056ee72a7054ddb707a36cac584155ed9c1d5bb07d0a

  • Size

    398KB

  • Sample

    240317-xjwk7sda88

  • MD5

    87791f06e1e4750b18456badcc4fca34

  • SHA1

    4542965b595e139910410e4fdae640e0198a955a

  • SHA256

    31bd76be84cf25cd1119056ee72a7054ddb707a36cac584155ed9c1d5bb07d0a

  • SHA512

    236da4ad7617e57d7b12dce21ab6ba346aa0ff3ccdb64d4eebb11faa61e022628a2a456f2c8964a93b3af9fc3b13304e1741aadf6f19361cbefe0085e39c441f

  • SSDEEP

    6144:1sa1jZVgy03se7k5kBTTg7YMz6j8GuHEqqtKKUrBwj3bT3R/:rtVgyuse2kBXg7Cj81cKK7jfp

Score
10/10

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.165

218.54.31.226

Targets

    • Target

      31bd76be84cf25cd1119056ee72a7054ddb707a36cac584155ed9c1d5bb07d0a

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
