General

  • Target

    b2051422e61b650f35f2a3d6c4ac5eb12f3791153ed8bbb5fd95bb6f88a83490

  • Size

    6.5MB

  • Sample

    240612-dcdl9szall

  • MD5

    80ce7f98edfdd8fe48863438b86eddbc

  • SHA1

    3ac14ddab6abb60e46cb537eba13c441032009ae

  • SHA256

    b2051422e61b650f35f2a3d6c4ac5eb12f3791153ed8bbb5fd95bb6f88a83490

  • SHA512

    da5a971230c05a263a245c6c9ff941bbf6f3a112f3a221d97ce4be04bdb9c37b2801abef0fee7bc0d5de0c6e33ed3b57a7cd8b60cc8b29da12210bbf7e20d1b1

  • SSDEEP

    98304:Roc5swrA2XGxlHKcjTjNk3o659yrnfKtDrKIAyyks+Ctf8mQZVSX:i0LrA2kHKQHNk3og9unipQyOaOX

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

    • Target

      b2051422e61b650f35f2a3d6c4ac5eb12f3791153ed8bbb5fd95bb6f88a83490

    Score
    10/10
    • Urelas

      Urelas is a trojan targeting card games.

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

MITRE ATT&CK Enterprise v15

Tasks