General

  • Target

    eafb7e8e9afedd85d5c54cd3cada915d748a1a755f1761c170d4814c8c4f50d3

  • Size

    449KB

  • Sample

    240318-a964asdb4v

  • MD5

    15c593d81637dcf0061cf4020fc61a4d

  • SHA1

    48842715f80fddd39f13d49c383611b04404db05

  • SHA256

    eafb7e8e9afedd85d5c54cd3cada915d748a1a755f1761c170d4814c8c4f50d3

  • SHA512

    52587e4fc2eed7886a77df2ed5c6d93be8b8fb2c91e7c0a56138fe2bb88412eab2b74e68c2d9da58773d9152d153020b3b5651781ae64c84532b0b1d78a0c5d3

  • SSDEEP

    6144:YEK25f5ySIcWLsxIIW4DYM6SB6v+qLnAzYmhwrxcvkzmSOpjFBhclG:YMpASIcWYx2U6hAJQnDlG

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
