General

  • Target

    5d34c1fa9a4b848903798ab0660b2758bd330336bea28c4044cfa087cc67decf

  • Size

    488KB

  • Sample

    240317-y4bbfafa49

  • MD5

    b3600c420239a988c5835f395509852b

  • SHA1

    11fd193c96578318fbbbebc1401bf0db0573b358

  • SHA256

    5d34c1fa9a4b848903798ab0660b2758bd330336bea28c4044cfa087cc67decf

  • SHA512

    02e50d8100a61f458d931796a3cf8716a497e7e6a45fb61cebe946fa5185183d7f8d01e607a56e1f317b950c8b84d51def49f75c404959d56337d89bbdd8f285

  • SSDEEP

    12288:xpbfVlu0agWfZlnxgmEpZGsrUs99uDEq5EGDFhId:xpbGRZxSfGCUs99hq5Jy

Score
10/10

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.31.165

Targets

    • Target

      5d34c1fa9a4b848903798ab0660b2758bd330336bea28c4044cfa087cc67decf

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
