Overview

overview

10

Static

static

3

2432758588...18.exe

windows7-x64

10

2432758588...18.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    24327585888d74885771f93f33d66b11_JaffaCakes118

  • Size

    59KB

  • Sample

    240329-rlp9baah87

  • MD5

    24327585888d74885771f93f33d66b11

  • SHA1

    e6ce5e000949ad0e291fe232c70014752cb85630

  • SHA256

    5210b462c3ecae42731cce5d3a4de24a08085fb1398c345fbd2c4a7167142a45

  • SHA512

    08fb2faa87480749949e210bd3119ec349cd1bd773b38467776c7424e0674fe238905e423a9003f01ddd747783694a15061372a79b64ac2e87c9455973c7c703

  • SSDEEP

    768:n5mhew0GpSyMe6hwUkdwJzh+qciaQRENEzxZbARtR06g2wqp4YPeznellmqGwxP0:nK0GjMeQG3iaQREuVZ6ro29p4YxbKdp

Score
10/10
urelastrojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

    • Target

      24327585888d74885771f93f33d66b11_JaffaCakes118

    • Size

      59KB

    • MD5

      24327585888d74885771f93f33d66b11

    • SHA1

      e6ce5e000949ad0e291fe232c70014752cb85630

    • SHA256

      5210b462c3ecae42731cce5d3a4de24a08085fb1398c345fbd2c4a7167142a45

    • SHA512

      08fb2faa87480749949e210bd3119ec349cd1bd773b38467776c7424e0674fe238905e423a9003f01ddd747783694a15061372a79b64ac2e87c9455973c7c703

    • SSDEEP

      768:n5mhew0GpSyMe6hwUkdwJzh+qciaQRENEzxZbARtR06g2wqp4YPeznellmqGwxP0:nK0GjMeQG3iaQREuVZ6ro29p4YxbKdp

    Score
    10/10
    urelastrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks