General

  • Target

    c14fb102c05d77ab7443cc15d489ea70

  • Size

    328KB

  • Sample

    240409-y4nlrshf85

  • MD5

    c14fb102c05d77ab7443cc15d489ea70

  • SHA1

    cd2176a25e62066e076fe99efb30058a139c888d

  • SHA256

    c7661d91bada02fb540c88e94bf5ee6594f5157a7b3343c19619a6b1ec5480b7

  • SHA512

    8e03afacbecc4aa4f5ffe00af996479405ccb02021530bda074964b4226001a7016c98fb84a7594e497abf765b7a11aa85ac66b9a19e6d261bfb29e2a0d51bf3

  • SSDEEP

    6144:wObaeY8zPekKKH/hT8PVdkLHtA3nPER5oSHzZ4NyQ:wOb/KKH/hT8PVdkJA3uoSiT

Score
10/10

Malware Config

Extracted

Family

urelas

C2

121.88.5.184

121.88.5.183

218.54.30.235

218.54.28.139

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
