Overview

overview

10

Static

static

3

0a32143e69...cs.exe

windows7-x64

10

0a32143e69...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0a32143e69ceee82bbab560358d992b0_NeikiAnalytics.exe

  • Size

    272KB

  • Sample

    240531-sptlkscd3z

  • MD5

    0a32143e69ceee82bbab560358d992b0

  • SHA1

    2d96118ca36460309d6ec4d10c642ab6720217ee

  • SHA256

    24233629c98c6865c7d79a93242bad84df570be796849bdd9561a00a30d27df8

  • SHA512

    7368aab81b212f79447581a400eb157a93e8348b30af82eb78d94242bebdd6b04c088073e9156192cdf17d96e388f684bad22fc6e9f10219804a399d0a0b9a5f

  • SSDEEP

    6144:XwgM03hO1Gw64OU4OttDPGigknGDjvzYR05CFc/SnOC5:ggM03sA3uttDDgk6vzYR05Mc/QOC5

Score
10/10
urelasaspackv2trojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

Targets

    • Target

      0a32143e69ceee82bbab560358d992b0_NeikiAnalytics.exe

    • Size

      272KB

    • MD5

      0a32143e69ceee82bbab560358d992b0

    • SHA1

      2d96118ca36460309d6ec4d10c642ab6720217ee

    • SHA256

      24233629c98c6865c7d79a93242bad84df570be796849bdd9561a00a30d27df8

    • SHA512

      7368aab81b212f79447581a400eb157a93e8348b30af82eb78d94242bebdd6b04c088073e9156192cdf17d96e388f684bad22fc6e9f10219804a399d0a0b9a5f

    • SSDEEP

      6144:XwgM03hO1Gw64OU4OttDPGigknGDjvzYR05CFc/SnOC5:ggM03sA3uttDDgk6vzYR05Mc/QOC5

    Score
    10/10
    urelasaspackv2trojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

      aspackv2

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks