General

  • Target

    0ba7cdd478b3f411d9fdd36169a1a5a0_NeikiAnalytics.exe

  • Size

    323KB

  • Sample

    240611-25exssvhlf

  • MD5

    0ba7cdd478b3f411d9fdd36169a1a5a0

  • SHA1

    381e4fa18d8e2c4741afc0d961463a690cca9606

  • SHA256

    4a962624adb34f6e3f897a5397f351abe1bb08da2cd7f96ff10c7cde8d4068e6

  • SHA512

    2650399e35ed009370047720ffacd2fbd3f1f8e4c86b89e22e8a757c879a2eb624445e296f44e341317bf2d88ff2314a8ab3f0b5db28c2188f00d42a5e3150f8

  • SSDEEP

    6144:cEo/rmV71+I8ZD/h/vFfhxxQO4B4tqv+Hq/On1NHwBzQ4bed76a3FoSx0f:cEo/6YnZVB1rkAqcNAzQCed7J1oS8

Score
10/10

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.31.165

Targets

    • Target

      0ba7cdd478b3f411d9fdd36169a1a5a0_NeikiAnalytics.exe

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
