Overview

overview

10

Static

static

3

e2adbf7632...18.exe

windows7-x64

10

e2adbf7632...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e2adbf763206139946d4b2c0f6db021a_JaffaCakes118

  • Size

    60KB

  • Sample

    240406-q48b6sbg2v

  • MD5

    e2adbf763206139946d4b2c0f6db021a

  • SHA1

    14a1b8235cd00cc28cde1044e618c11d7f77cfb0

  • SHA256

    146ac209004afaf8d4a76c71c01a62f56be745cbd91ba55b278aa701915228be

  • SHA512

    8dfc2983fd95af78401219654d262bb91d6c07d9a49c82056f63ede0616a055042eefe2ef180c41e060b870a998077711cfb055bfdabfa06cb510588c77c82e6

  • SSDEEP

    768:n5mhew0GpSyMe6hwUkdwJzh+qciaQRENEzxZbARtR06g2wqp4YPeznellmqGwxP7:nK0GjMeQG3iaQREuVZ6ro29p4YxbKdIn

Score
10/10
urelastrojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

    • Target

      e2adbf763206139946d4b2c0f6db021a_JaffaCakes118

    • Size

      60KB

    • MD5

      e2adbf763206139946d4b2c0f6db021a

    • SHA1

      14a1b8235cd00cc28cde1044e618c11d7f77cfb0

    • SHA256

      146ac209004afaf8d4a76c71c01a62f56be745cbd91ba55b278aa701915228be

    • SHA512

      8dfc2983fd95af78401219654d262bb91d6c07d9a49c82056f63ede0616a055042eefe2ef180c41e060b870a998077711cfb055bfdabfa06cb510588c77c82e6

    • SSDEEP

      768:n5mhew0GpSyMe6hwUkdwJzh+qciaQRENEzxZbARtR06g2wqp4YPeznellmqGwxP7:nK0GjMeQG3iaQREuVZ6ro29p4YxbKdIn

    Score
    10/10
    urelastrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks