General
-
Target
52b1f91d51ca7d53a07378e6414d2740_NEAS
-
Size
449KB
-
Sample
240507-c52n5aef2w
-
MD5
52b1f91d51ca7d53a07378e6414d2740
-
SHA1
d92a9127fe66e57c9de888e3940a21ac8e66ed81
-
SHA256
82a2e76153620033ffa9417b876a9fdd9efe52cc9bc8064990007636dd6e4d7d
-
SHA512
723ccbe299e5052c7f241e7a744ed42ed906f482d5531789282a7b16adae0eae33fbd762defaee9c302fc355f12e71775bbf5a683659b2755f2504223a8519e6
-
SSDEEP
6144:oEK25f5ySIcWLsxIIW4DYM6SB6v+qLnAzYmhwrxcvkzmSOpjdO16:oMpASIcWYx2U6hAJQnMn
Malware Config
Extracted
urelas
218.54.31.165
218.54.31.226
Targets
-
-
Target
52b1f91d51ca7d53a07378e6414d2740_NEAS
-
Size
449KB
-
MD5
52b1f91d51ca7d53a07378e6414d2740
-
SHA1
d92a9127fe66e57c9de888e3940a21ac8e66ed81
-
SHA256
82a2e76153620033ffa9417b876a9fdd9efe52cc9bc8064990007636dd6e4d7d
-
SHA512
723ccbe299e5052c7f241e7a744ed42ed906f482d5531789282a7b16adae0eae33fbd762defaee9c302fc355f12e71775bbf5a683659b2755f2504223a8519e6
-
SSDEEP
6144:oEK25f5ySIcWLsxIIW4DYM6SB6v+qLnAzYmhwrxcvkzmSOpjdO16:oMpASIcWYx2U6hAJQnMn
Score10/10-
Urelas
Urelas is a trojan targeting card games.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-