Overview

overview

10

Static

static

3

edad22b05b...18.exe

windows7-x64

10

edad22b05b...18.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    edad22b05b0e64a7fab77bb023afc682_JaffaCakes118

  • Size

    94KB

  • Sample

    240411-r7bcaadf87

  • MD5

    edad22b05b0e64a7fab77bb023afc682

  • SHA1

    700b89b2bcc30c6402a43b04e18cd84b8f62ccb8

  • SHA256

    3e0c2142867623e11eb199fe38cd9eb2fa3b083333824f111e49486b1aa99782

  • SHA512

    f692f7ba199169960b4baf7f66bc83c1c741362eee03922929af5ada18fdcf033e7ce3ee1994fc0b656b01215f2ecef37af52e6ea809242cdeb9bb71bcb90cb3

  • SSDEEP

    1536:nwhq8V9IpPf2lgiIJ4pivJnuNVueC39GdBR3M9cL:nqV9MziU4piRun7C3CP3Mi

Score
10/10
urelastrojan

Malware Config

Extracted

Family

urelas

C2

112.175.88.208

112.175.88.209

112.175.88.207

Targets

    • Target

      edad22b05b0e64a7fab77bb023afc682_JaffaCakes118

    • Size

      94KB

    • MD5

      edad22b05b0e64a7fab77bb023afc682

    • SHA1

      700b89b2bcc30c6402a43b04e18cd84b8f62ccb8

    • SHA256

      3e0c2142867623e11eb199fe38cd9eb2fa3b083333824f111e49486b1aa99782

    • SHA512

      f692f7ba199169960b4baf7f66bc83c1c741362eee03922929af5ada18fdcf033e7ce3ee1994fc0b656b01215f2ecef37af52e6ea809242cdeb9bb71bcb90cb3

    • SSDEEP

      1536:nwhq8V9IpPf2lgiIJ4pivJnuNVueC39GdBR3M9cL:nqV9MziU4piRun7C3CP3Mi

    Score
    10/10
    urelastrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks