General

  • Target

    7310b1a1c38ecab41540f2950a8e751c5691932df8a0449ac062bf73c5ab7275

  • Size

    487KB

  • Sample

    240317-zvjf5agf2x

  • MD5

    a2ad6c3bbef21229d5ff829b1dca4f54

  • SHA1

    8dc5f0f82a198b674b940b4e18ff4baf4d9a1c1b

  • SHA256

    7310b1a1c38ecab41540f2950a8e751c5691932df8a0449ac062bf73c5ab7275

  • SHA512

    f3876b8e65a8de582cd8a25947d7737dff22d15f6379b9244ce7b73e85b26540d3eef2af722062d44566b892ffdf91b8463a44b02fd272d400e867f30812efc8

  • SSDEEP

    12288:Vpbvglu0agWSFnxAEwKyLH8l+O9H6s2si2XfxKTbehk:VpbXi5xzFUBaazsiofx8Ck

Score
10/10

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.31.165

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
