General

  • Target

    68adddec91e108748fd969089a6387fae5fe8bb39e31398d0daf0950bf695042

  • Size

    185KB

  • Sample

    240317-zhbkrafe43

  • MD5

    a756bcbaa51d9ee4d81d4416bed55746

  • SHA1

    560cd8ae9fdcbbc10c5914f47fbdcabc7e423179

  • SHA256

    68adddec91e108748fd969089a6387fae5fe8bb39e31398d0daf0950bf695042

  • SHA512

    af8f402d8a481a6fb937abd0f1a18bdd4133bdb0d53fd902e08e0f11254d9e33e8da8ad38f86b7d1ac62db53cf03a03f41ff3ab3d2dee9715d5e0a31be8a7c78

  • SSDEEP

    3072:CgFeKWwO8PWlafsuKLIor6G4hvomP65TPp00uhtTt:CkeKWCWlafsFLR8BPwPp05Tt

Score
10/10

Malware Config

Extracted

Family

urelas

C2

112.175.88.208

112.175.88.209

112.175.88.207

Targets

    • Target

      68adddec91e108748fd969089a6387fae5fe8bb39e31398d0daf0950bf695042

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
