General
-
Target
cede9ce772059e85a5cd3f20cb5cddf99571d2422fc78ae445eaedc0294d6c90
-
Size
94KB
-
Sample
240524-d3n6pabe59
-
MD5
8df3f3a9ec3589de821002a587b7a28b
-
SHA1
799128e173901513c92032a6506d80b962eb88fc
-
SHA256
cede9ce772059e85a5cd3f20cb5cddf99571d2422fc78ae445eaedc0294d6c90
-
SHA512
27433471b67a28961fb397a55f88b1f86664a2f97c5f6316dd77a39d07470f2ca078e43cb297a40f16ff9fc1d8fecce228e2de922aca5d826313747090207daa
-
SSDEEP
1536:OVNSf7hyk+I6412V6PMqAax80XAFSrRLgA:SSf9yk+U2V63XAFSrRLb
Malware Config
Extracted
urelas
218.54.47.77
218.54.47.74
Targets
-
-
Target
cede9ce772059e85a5cd3f20cb5cddf99571d2422fc78ae445eaedc0294d6c90
-
Size
94KB
-
MD5
8df3f3a9ec3589de821002a587b7a28b
-
SHA1
799128e173901513c92032a6506d80b962eb88fc
-
SHA256
cede9ce772059e85a5cd3f20cb5cddf99571d2422fc78ae445eaedc0294d6c90
-
SHA512
27433471b67a28961fb397a55f88b1f86664a2f97c5f6316dd77a39d07470f2ca078e43cb297a40f16ff9fc1d8fecce228e2de922aca5d826313747090207daa
-
SSDEEP
1536:OVNSf7hyk+I6412V6PMqAax80XAFSrRLgA:SSf9yk+U2V63XAFSrRLb
Score10/10-
Urelas
Urelas is a trojan targeting card games.
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-