Overview

overview

10

Static

static

3

1de46b5584...cs.exe

windows7-x64

10

1de46b5584...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1de46b558483439bd916a14c4a30f4a0_NeikiAnalytics.exe

  • Size

    217KB

  • Sample

    240612-eyzmas1bke

  • MD5

    1de46b558483439bd916a14c4a30f4a0

  • SHA1

    80bed97efc1ab671acc2451eaa560cca62e2e7bc

  • SHA256

    ede94fec20c3b624c31f51bf658e8f38610c9be9aa39053d8512900d87e23079

  • SHA512

    85fc2642672c3eb0ab2df450e4fb475735ea32139a3e38d797ec14049092c5b6890d43f54ab3489eb76e01354cb6a34d3c4948a037983ffd34f5b7cac87bd31c

  • SSDEEP

    3072:MlSjjvv9GvowY6VNN1cqpr6aiKakTakIztxq83+kK:prcvlTjPFNukuk+q8uv

Score
10/10
urelastrojan

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.31.165

Targets

    • Target

      1de46b558483439bd916a14c4a30f4a0_NeikiAnalytics.exe

    • Size

      217KB

    • MD5

      1de46b558483439bd916a14c4a30f4a0

    • SHA1

      80bed97efc1ab671acc2451eaa560cca62e2e7bc

    • SHA256

      ede94fec20c3b624c31f51bf658e8f38610c9be9aa39053d8512900d87e23079

    • SHA512

      85fc2642672c3eb0ab2df450e4fb475735ea32139a3e38d797ec14049092c5b6890d43f54ab3489eb76e01354cb6a34d3c4948a037983ffd34f5b7cac87bd31c

    • SSDEEP

      3072:MlSjjvv9GvowY6VNN1cqpr6aiKakTakIztxq83+kK:prcvlTjPFNukuk+q8uv

    Score
    10/10
    urelastrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks