General

  • Target

    32a8633e85d46b2ac179622c8a339a94670cffe9eebc1cc1f4e243b48aee735a_NeikiAnalytics.exe

  • Size

    266KB

  • Sample

    240620-etparssfmn

  • MD5

    5697ab83962cdd7ef04a84b230ac1c00

  • SHA1

    afbd779643d78f1667958ff1a2c9b271420d2334

  • SHA256

    32a8633e85d46b2ac179622c8a339a94670cffe9eebc1cc1f4e243b48aee735a

  • SHA512

    8290631716813c997782afd6e832393a5910c0258a4198e45881c60dafd7157b8848c93a2fd03a035348b8c9c9a8f4cdadfd09d7f15b6266e4016baa4d92b338

  • SSDEEP

    6144:RZibQcmlVD+BgotLvTtehd1wLIE92FJ1wZycp3HiTJ/:R0q+BgotLvTtehd1wd92FJ1Nl

Score
10/10

Malware Config

Extracted

Family

urelas

C2

112.175.88.208

112.175.88.207

Targets

    • Target

      32a8633e85d46b2ac179622c8a339a94670cffe9eebc1cc1f4e243b48aee735a_NeikiAnalytics.exe

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
