General
-
Target
22051fe620612a3673c038469d3d0cd9
-
Size
216KB
-
Sample
240409-1l4ldagc2z
-
MD5
22051fe620612a3673c038469d3d0cd9
-
SHA1
84b4e1666534d3105da0df7e02e2b6b37e822ee4
-
SHA256
6cb90d341021fec8f16549f52e08c311b4496ea0556ffad29e72ea8f6b131b96
-
SHA512
c00e2c68fcfc227001b08fc49311cba39fd301fc0e34821637c2e283e9a70594c19d1032a26449571e570033d438abf4c6f120945ab875b38fd8f3c7815e5604
-
SSDEEP
1536:1q1utPdWHdPEzoT2/VhWbnoZSKLfiGGPgq3ePAH8PNqWxCxrR/x9sU4BH7TTg:1fPdWqV0CvL6GGCPNqWUxrR/x9sTBHU
Malware Config
Extracted
urelas
218.54.47.77
218.54.47.74
Targets
-
-
Target
22051fe620612a3673c038469d3d0cd9
-
Size
216KB
-
MD5
22051fe620612a3673c038469d3d0cd9
-
SHA1
84b4e1666534d3105da0df7e02e2b6b37e822ee4
-
SHA256
6cb90d341021fec8f16549f52e08c311b4496ea0556ffad29e72ea8f6b131b96
-
SHA512
c00e2c68fcfc227001b08fc49311cba39fd301fc0e34821637c2e283e9a70594c19d1032a26449571e570033d438abf4c6f120945ab875b38fd8f3c7815e5604
-
SSDEEP
1536:1q1utPdWHdPEzoT2/VhWbnoZSKLfiGGPgq3ePAH8PNqWxCxrR/x9sU4BH7TTg:1fPdWqV0CvL6GGCPNqWUxrR/x9sTBHU
Score10/10-
Urelas
Urelas is a trojan targeting card games.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-