General

  • Target

    e6ad81e5692cad784c7800990a508df6d7c53e2328b33d1d1c0ddb4f967fb602

  • Size

    202KB

  • Sample

    240318-a5rstach7v

  • MD5

    1fddc6a27259838f6358232c01fa9aa8

  • SHA1

    76211ef1e01a0cc9c5111701fa205acb908a2532

  • SHA256

    e6ad81e5692cad784c7800990a508df6d7c53e2328b33d1d1c0ddb4f967fb602

  • SHA512

    e7f7d7fd68096f9044fa6290a5d9cd02b3f412dbe9122cf7820d55d14db57ce98d9c905e18adc51a8b38948df8d567e3ee448f53275871225b2bc1214ef30428

  • SSDEEP

    3072:3yuTOfolTlYHB+HYoIe+t7R8fU6n86GEs:3yuTOf+Tl2He+T0aTh

Score
10/10

Malware Config

Extracted

Family

urelas

C2

112.175.88.207

112.175.88.208

Targets

    Score
    10/10
    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks